{
"document":{
"aggregate_severity":{
"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
"text":"High"
},
"category":"csaf_vex",
"csaf_version":"2.0",
"distribution":{
"tlp":{
"label":"WHITE",
"url":"https:/www.first.org/tlp/"
}
},
"lang":"en",
"notes":[
{
"text":"kernel security update",
"category":"general",
"title":"Synopsis"
},
{
"text":"An update for kernel is now available for openEuler-24.03-LTS-SP1",
"category":"general",
"title":"Summary"
},
{
"text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nA transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.(CVE-2024-36357)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev->driver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.(CVE-2025-21915)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they're both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.(CVE-2025-22080)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \n\nThe following loop is located right above 'if' statement.\n\nfor (i = count-1; i >= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 > blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n'i' in this case could go down to -1, in which case sum of active entries\nwouldn't exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.(CVE-2025-23150)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains '.' dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least '.'\nand '..' as directory entries in the first data block. It first loads\nthe '.' dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of '..' dir\nentry (in ext4_next_entry). It assumes the '..' dir entry fits into the\nsame data block.\n\nIf the rec_len of '.' is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for '.' dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2025-37785)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()\n\nA race can occur between the MCQ completion path and the abort handler:\nonce a request completes, __blk_mq_free_request() sets rq->mq_hctx to\nNULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in\nufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is\ndereferenced, the kernel will crash.\n\nAdd a NULL check for the returned hwq pointer. If hwq is NULL, log an\nerror and return FAILED, preventing a potential NULL-pointer\ndereference. As suggested by Bart, the ufshcd_cmd_inflight() check is\nremoved.\n\nThis is similar to the fix in commit 74736103fb41 (\"scsi: ufs: core: Fix\nufshcd_abort_one racing issue\").\n\nThis is found by our static analysis tool KNighter.(CVE-2025-37828)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops->may_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[(CVE-2025-38084)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nx86/iopl: Cure TIF_IO_BITMAP inconsistencies\n\nio_bitmap_exit() is invoked from exit_thread() when a task exists or\nwhen a fork fails. In the latter case the exit_thread() cleans up\nresources which were allocated during fork().\n\nio_bitmap_exit() invokes task_update_io_bitmap(), which in turn ends up\nin tss_update_io_bitmap(). tss_update_io_bitmap() operates on the\ncurrent task. If current has TIF_IO_BITMAP set, but no bitmap installed,\ntss_update_io_bitmap() crashes with a NULL pointer dereference.\n\nThere are two issues, which lead to that problem:\n\n 1) io_bitmap_exit() should not invoke task_update_io_bitmap() when\n the task, which is cleaned up, is not the current task. That's a\n clear indicator for a cleanup after a failed fork().\n\n 2) A task should not have TIF_IO_BITMAP set and neither a bitmap\n installed nor IOPL emulation level 3 activated.\n\n This happens when a kernel thread is created in the context of\n a user space thread, which has TIF_IO_BITMAP set as the thread\n flags are copied and the IO bitmap pointer is cleared.\n\n Other than in the failed fork() case this has no impact because\n kernel threads including IO workers never return to user space and\n therefore never invoke tss_update_io_bitmap().\n\nCure this by adding the missing cleanups and checks:\n\n 1) Prevent io_bitmap_exit() to invoke task_update_io_bitmap() if\n the to be cleaned up task is not the current task.\n\n 2) Clear TIF_IO_BITMAP in copy_thread() unconditionally. For user\n space forks it is set later, when the IO bitmap is inherited in\n io_bitmap_share().\n\nFor paranoia sake, add a warning into tss_update_io_bitmap() to catch\nthe case, when that code is invoked with inconsistent state.(CVE-2025-38100)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: marvell/cesa - Handle zero-length skcipher requests\n\nDo not access random memory for zero-length skcipher requests.\nJust return 0.(CVE-2025-38173)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var\n\nIf fb_add_videomode() in fb_set_var() fails to allocate memory for\nfb_videomode, later it may lead to a null-ptr dereference in\nfb_videomode_to_var(), as the fb_info is registered while not having the\nmode in modelist that is expected to be there, i.e. the one that is\ndescribed in fb_info->var.\n\n================================================================\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\nCall Trace:\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl fs/ioctl.c:739 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n================================================================\n\nThe reason is that fb_info->var is being modified in fb_set_var(), and\nthen fb_videomode_to_var() is called. If it fails to add the mode to\nfb_info->modelist, fb_set_var() returns error, but does not restore the\nold value of fb_info->var. Restore fb_info->var on failure the same way\nit is done earlier in the function.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.(CVE-2025-38214)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo '0000:0a:00.2' > /sys/bus/pci/drivers/ccp/unbind\n$ echo '0000:0a:00.2' > /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.(CVE-2025-38581)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix null pointer access\n\nWriting a string without delimiters (' ', '\\n', '\\0') to the under\ngpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile\nwill result in a null pointer dereference.(CVE-2025-38705)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: kcm: Fix race condition in kcm_unattach()\n\nsyzbot found a race condition when kcm_unattach(psock)\nand kcm_release(kcm) are executed at the same time.\n\nkcm_unattach() is missing a check of the flag\nkcm->tx_stopped before calling queue_work().\n\nIf the kcm has a reserved psock, kcm_unattach() might get executed\nbetween cancel_work_sync() and unreserve_psock() in kcm_release(),\nrequeuing kcm->tx_work right before kcm gets freed in kcm_done().\n\nRemove kcm->tx_stopped and replace it by the less\nerror-prone disable_work_sync().(CVE-2025-38717)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 power domain descriptors, too\n\nUAC3 power domain descriptors need to be verified with its variable\nbLength for avoiding the unexpected OOB accesses by malicious\nfirmware, too.(CVE-2025-38729)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()\n\nWe can't call destroy_workqueue(smb_direct_wq); before stop_sessions()!\n\nOtherwise already existing connections try to use smb_direct_wq as\na NULL pointer.(CVE-2025-39692)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Fix SCCB present check\n\nTracing code called by the SCLP interrupt handler contains early exits\nif the SCCB address associated with an interrupt is NULL. This check is\nperformed after physical to virtual address translation.\n\nIf the kernel identity mapping does not start at address zero, the\nresulting virtual address is never zero, so that the NULL checks won't\nwork. Subsequently this may result in incorrect accesses to the first\npage of the identity mapping.\n\nFix this by introducing a function that handles the NULL case before\naddress translation.(CVE-2025-39694)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can't hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\n\n[ 45.402911] Call Trace:\n[ 45.403105] \n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there's not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don't easily\nsee why it couldn't be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n┌────────────────┐ ┌────────────────┐\n│ veth0_to_hsr ├───┤ hsr_slave0 ┼───┐\n└────────────────┘ └────────────────┘ │\n │ ┌──────┐\n ├─┤ hsr0 ├───┐\n │ └──────┘ │\n┌────────────────┐ ┌────────────────┐ │ │┌────────┐\n│ veth1_to_hsr ┼───┤ hsr_slave1 ├───┘ └┤ │\n└────────────────┘ └────────────────┘ ┌┼ bridge │\n ││ │\n │└────────┘\n │\n ┌───────┐ │\n │ ... ├──────┘\n └───────┘\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---(CVE-2025-39703)\n\nRejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.(CVE-2025-39751)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\n\nIf an error causes af_alg_sendmsg to abort, ctx->merge may contain\na garbage value from the previous loop. This may then trigger a\ncrash on the next entry into af_alg_sendmsg when it attempts to do\na merge that can't be done.\n\nFix this by setting ctx->merge to zero near the start of the loop.(CVE-2025-39931)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed\n\nIf earlier opening of source graph fails (e.g. ADSP rejects due to\nincorrect audioreach topology), the graph is closed and\n\"dai_data->graph[dai->id]\" is assigned NULL. Preparing the DAI for sink\ngraph continues though and next call to q6apm_lpass_dai_prepare()\nreceives dai_data->graph[dai->id]=NULL leading to NULL pointer\nexception:\n\n qcom-apm gprsvc:service:2:1: Error (1) Processing 0x01001002 cmd\n qcom-apm gprsvc:service:2:1: DSP returned error[1001002] 1\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: fail to start APM port 78\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: ASoC: error at snd_soc_pcm_dai_prepare on TX_CODEC_DMA_TX_3: -22\n Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a8\n ...\n Call trace:\n q6apm_graph_media_format_pcm+0x48/0x120 (P)\n q6apm_lpass_dai_prepare+0x110/0x1b4\n snd_soc_pcm_dai_prepare+0x74/0x108\n __soc_pcm_prepare+0x44/0x160\n dpcm_be_dai_prepare+0x124/0x1c0(CVE-2025-39938)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndm-stripe: fix a possible integer overflow\n\nThere's a possible integer overflow in stripe_io_hints if we have too\nlarge chunk size. Test if the overflow happened, and if it did, don't set\nlimits->io_min and limits->io_opt;(CVE-2025-39940)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Disallow concurrent writes in af_alg_sendmsg\n\nIssuing two writes to the same af_alg socket is bogus as the\ndata will be interleaved in an unpredictable fashion. Furthermore,\nconcurrent writes may create inconsistencies in the internal\nsocket state.\n\nDisallow this by adding a new ctx->write field that indiciates\nexclusive ownership for writing.(CVE-2025-39964)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: check for stable address space before operating on the VMA\n\nIt is possible to hit a zero entry while traversing the vmas in unuse_mm()\ncalled from swapoff path and accessing it causes the OOPS:\n\nUnable to handle kernel NULL pointer dereference at virtual address\n0000000000000446--> Loading the memory from offset 0x40 on the\nXA_ZERO_ENTRY as address.\nMem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n\nThe issue is manifested from the below race between the fork() on a\nprocess and swapoff:\nfork(dup_mmap())\t\t\tswapoff(unuse_mm)\n--------------- -----------------\n1) Identical mtree is built using\n __mt_dup().\n\n2) copy_pte_range()-->\n\tcopy_nonpresent_pte():\n The dst mm is added into the\n mmlist to be visible to the\n swapoff operation.\n\n3) Fatal signal is sent to the parent\nprocess(which is the current during the\nfork) thus skip the duplication of the\nvmas and mark the vma range with\nXA_ZERO_ENTRY as a marker for this process\nthat helps during exit_mmap().\n\n\t\t\t\t 4) swapoff is tried on the\n\t\t\t\t\t'mm' added to the 'mmlist' as\n\t\t\t\t\tpart of the 2.\n\n\t\t\t\t 5) unuse_mm(), that iterates\n\t\t\t\t\tthrough the vma's of this 'mm'\n\t\t\t\t\twill hit the non-NULL zero entry\n\t\t\t\t\tand operating on this zero entry\n\t\t\t\t\tas a vma is resulting into the\n\t\t\t\t\toops.\n\nThe proper fix would be around not exposing this partially-valid tree to\nothers when droping the mmap lock, which is being solved with [1]. A\nsimpler solution would be checking for MMF_UNSTABLE, as it is set if\nmm_struct is not fully initialized in dup_mmap().\n\nThanks to Liam/Lorenzo/David for all the suggestions in fixing this\nissue.(CVE-2025-39992)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix warning in smc_rx_splice() when calling get_page()\n\nsmc_lo_register_dmb() allocates DMB buffers with kzalloc(), which are\nlater passed to get_page() in smc_rx_splice(). Since kmalloc memory is\nnot page-backed, this triggers WARN_ON_ONCE() in get_page() and prevents\nholding a refcount on the buffer. This can lead to use-after-free if\nthe memory is released before splice_to_pipe() completes.\n\nUse folio_alloc() instead, ensuring DMBs are page-backed and safe for\nget_page().\n\nWARNING: CPU: 18 PID: 12152 at ./include/linux/mm.h:1330 smc_rx_splice+0xaf8/0xe20 [smc]\nCPU: 18 UID: 0 PID: 12152 Comm: smcapp Kdump: loaded Not tainted 6.17.0-rc3-11705-g9cf4672ecfee #10 NONE\nHardware name: IBM 3931 A01 704 (z/VM 7.4.0)\nKrnl PSW : 0704e00180000000 000793161032696c (smc_rx_splice+0xafc/0xe20 [smc])\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\nKrnl GPRS: 0000000000000000 001cee80007d3001 00077400000000f8 0000000000000005\n 0000000000000001 001cee80007d3006 0007740000001000 001c000000000000\n 000000009b0c99e0 0000000000001000 001c0000000000f8 001c000000000000\n 000003ffcc6f7c88 0007740003e98000 0007931600000005 000792969b2ff7b8\nKrnl Code: 0007931610326960: af000000\t\tmc\t0,0\n 0007931610326964: a7f4ff43\t\tbrc\t15,00079316103267ea\n #0007931610326968: af000000\t\tmc\t0,0\n >000793161032696c: a7f4ff3f\t\tbrc\t15,00079316103267ea\n 0007931610326970: e320f1000004\tlg\t%r2,256(%r15)\n 0007931610326976: c0e53fd1b5f5\tbrasl\t%r14,000793168fd5d560\n 000793161032697c: a7f4fbb5\t\tbrc\t15,00079316103260e6\n 0007931610326980: b904002b\t\tlgr\t%r2,%r11\nCall Trace:\n smc_rx_splice+0xafc/0xe20 [smc]\n smc_rx_splice+0x756/0xe20 [smc])\n smc_rx_recvmsg+0xa74/0xe00 [smc]\n smc_splice_read+0x1ce/0x3b0 [smc]\n sock_splice_read+0xa2/0xf0\n do_splice_read+0x198/0x240\n splice_file_to_pipe+0x7e/0x110\n do_splice+0x59e/0xde0\n __do_splice+0x11a/0x2d0\n __s390x_sys_splice+0x140/0x1f0\n __do_syscall+0x122/0x280\n system_call+0x6e/0x90\nLast Breaking-Event-Address:\nsmc_rx_splice+0x960/0xe20 [smc]\n---[ end trace 0000000000000000 ]---(CVE-2025-40012)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nInput: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak\n\nStruct ff_effect_compat is embedded twice inside\nuinput_ff_upload_compat, contains internal padding. In particular, there\nis a hole after struct ff_replay to satisfy alignment requirements for\nthe following union member. Without clearing the structure,\ncopy_to_user() may leak stack data to userspace.\n\nInitialize ff_up_compat to zero before filling valid fields.(CVE-2025-40035)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: nci: Add parameter validation for packet data\n\nSyzbot reported an uninitialized value bug in nci_init_req, which was\nintroduced by commit 5aca7966d2a7 (\"Merge tag\n'perf-tools-fixes-for-v6.17-2025-09-16' of\ngit://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools\").\n\nThis bug arises due to very limited and poor input validation\nthat was done at nic_valid_size(). This validation only\nvalidates the skb->len (directly reflects size provided at the\nuserspace interface) with the length provided in the buffer\nitself (interpreted as NCI_HEADER). This leads to the processing\nof memory content at the address assuming the correct layout\nper what opcode requires there. This leads to the accesses to\nbuffer of `skb_buff->data` which is not assigned anything yet.\n\nFollowing the same silent drop of packets of invalid sizes at\n`nic_valid_size()`, add validation of the data in the respective\nhandlers and return error values in case of failure. Release\nthe skb if error values are returned from handlers in\n`nci_nft_packet` and effectively do a silent drop\n\nPossible TODO: because we silently drop the packets, the\ncall to `nci_request` will be waiting for completion of request\nand will face timeouts. These timeouts can get excessively logged\nin the dmesg. A proper handling of them may require to export\n`nci_request_cancel` (or propagate error handling from the\nnft packets handlers).(CVE-2025-40043)\n\nIn the Linux kernel, a race condition vulnerability exists in the uio_hv_generic driver. The driver's default interrupt mask setting logic is flawed, as the interrupt mask value should be completely controlled by user space. If the mask bit gets changed by the driver concurrently with user mode operating on the ring, the mask bit may be set when it is supposed to be clear, causing the user-mode driver to miss an interrupt and leading to a system hang.\n\nSpecifically, when the driver sets the inbound ring buffer interrupt mask to 1, the host does not interrupt the guest on the UIO VMBus channel. However, setting the mask does not prevent the host from putting a message in the inbound ring buffer. This results in the host putting a message into the ring buffer without interruption. Subsequently, when user space code in the guest sets the inbound ring buffer interrupt mask to 0 and waits for an interrupt via pread(), since there's already a message in the ring buffer, no new interrupt is generated, causing pread() to wait indefinitely.\n\nThe fix removes all instances where interrupt_mask is changed, while keeping the one in set_event() unchanged to enable user space control of the interrupt mask by writing 0/1 to /dev/uioX.(CVE-2025-40048)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: dlink: handle copy_thresh allocation failure\n\nThe driver did not handle failure of `netdev_alloc_skb_ip_align()`.\nIf the allocation failed, dereferencing `skb->protocol` could lead to\na NULL pointer dereference.\n\nThis patch tries to allocate `skb`. If the allocation fails, it falls\nback to the normal path.\n\nTested-on: D-Link DGE-550T Rev-A3(CVE-2025-40053)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix double free in user_cluster_connect()\n\nuser_cluster_disconnect() frees \"conn->cc_private\" which is \"lc\" but then\nthe error handling frees \"lc\" a second time. Set \"lc\" to NULL on this\npath to avoid a double free.(CVE-2025-40055)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nBUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\nRead of size 2 at addr ffff8880289ef218 by task syz.6.248/14290\n\nCPU: 0 UID: 0 PID: 14290 Comm: syz.6.248 Not tainted 6.16.4 #1 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x5f0 mm/kasan/report.c:482\n kasan_report+0xca/0x100 mm/kasan/report.c:595\n hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\n hfsplus_listxattr+0x5b6/0xbd0 fs/hfsplus/xattr.c:738\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe0e9fae16d\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fe0eae67f98 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3\nRAX: ffffffffffffffda RBX: 00007fe0ea205fa0 RCX: 00007fe0e9fae16d\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000\nRBP: 00007fe0ea0480f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fe0ea206038 R14: 00007fe0ea205fa0 R15: 00007fe0eae48000\n \n\nAllocated by task 14290:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4333 [inline]\n __kmalloc_noprof+0x219/0x540 mm/slub.c:4345\n kmalloc_noprof include/linux/slab.h:909 [inline]\n hfsplus_find_init+0x95/0x1f0 fs/hfsplus/bfind.c:21\n hfsplus_listxattr+0x331/0xbd0 fs/hfsplus/xattr.c:697\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nWhen hfsplus_uni2asc is called from hfsplus_listxattr,\nit actually passes in a struct hfsplus_attr_unistr*.\nThe size of the corresponding structure is different from that of hfsplus_unistr,\nso the previous fix (94458781aee6) is insufficient.\nThe pointer on the unicode buffer is still going beyond the allocated memory.\n\nThis patch introduces two warpper functions hfsplus_uni2asc_xattr_str and\nhfsplus_uni2asc_str to process two unicode buffers,\nstruct hfsplus_attr_unistr* and struct hfsplus_unistr* respectively.\nWhen ustrlen value is bigger than the allocated memory size,\nthe ustrlen value is limited to an safe size.(CVE-2025-40082)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: transport_ipc: validate payload size before reading handle\n\nhandle_response() dereferences the payload as a 4-byte handle without\nverifying that the declared payload size is at least 4 bytes. A malformed\nor truncated message from ksmbd.mountd can lead to a 4-byte read past the\ndeclared payload size. Validate the size before dereferencing.\n\nThis is a minimal fix to guard the initial handle read.(CVE-2025-40084)\n\nIn the Linux kernel, a buffer overflow vulnerability exists in the hfsplus_strcasecmp() function of the hfsplus filesystem. When the hfsplus_strcasecmp() logic is triggered, it causes a slab-out-of-bounds read, allowing attackers to read sensitive information from kernel memory. This vulnerability triggers KASAN-detected boundary check errors and could be exploited for information disclosure or system crash attacks.(CVE-2025-40088)\n\nIn the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent is always present. Ensure that set_ent is always set since only drbg provides it. The Linux kernel CVE team has assigned CVE-2025-40109 to this issue.(CVE-2025-40109)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix a null-ptr access in the cursor snooper\n\nCheck that the resource which is converted to a surface exists before\ntrying to use the cursor snooper on it.\n\nvmw_cmd_res_check allows explicit invalid (SVGA3D_INVALID_ID) identifiers\nbecause some svga commands accept SVGA3D_INVALID_ID to mean \"no surface\",\nunfortunately functions that accept the actual surfaces as objects might\n(and in case of the cursor snooper, do not) be able to handle null\nobjects. Make sure that we validate not only the identifier (via the\nvmw_cmd_res_check) but also check that the actual resource exists before\ntrying to do something with it.\n\nFixes unchecked null-ptr reference in the snooping code.(CVE-2025-40110)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock\n\nPrevent USB runtime PM (autosuspend) for AX88772* in bind.\n\nusbnet enables runtime PM (autosuspend) by default, so disabling it via\nthe usb_driver flag is ineffective. On AX88772B, autosuspend shows no\nmeasurable power saving with current driver (no link partner, admin\nup/down). The ~0.453 W -> ~0.248 W drop on v6.1 comes from phylib powering\nthe PHY off on admin-down, not from USB autosuspend.\n\nThe real hazard is that with runtime PM enabled, ndo_open() (under RTNL)\nmay synchronously trigger autoresume (usb_autopm_get_interface()) into\nasix_resume() while the USB PM lock is held. Resume paths then invoke\nphylink/phylib and MDIO, which also expect RTNL, leading to possible\ndeadlocks or PM lock vs MDIO wake issues.\n\nTo avoid this, keep the device runtime-PM active by taking a usage\nreference in ax88772_bind() and dropping it in unbind(). A non-zero PM\nusage count blocks runtime suspend regardless of userspace policy\n(.../power/control - pm_runtime_allow/forbid), making this approach\nrobust against sysfs overrides.\n\nHolding a runtime-PM usage ref does not affect system-wide suspend;\nsystem sleep/resume callbacks continue to run as before.(CVE-2025-40120)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Enforce expected_attach_type for tailcall compatibility\n\nYinhao et al. recently reported:\n\n Our fuzzer tool discovered an uninitialized pointer issue in the\n bpf_prog_test_run_xdp() function within the Linux kernel's BPF subsystem.\n This leads to a NULL pointer dereference when a BPF program attempts to\n deference the txq member of struct xdp_buff object.\n\nThe test initializes two programs of BPF_PROG_TYPE_XDP: progA acts as the\nentry point for bpf_prog_test_run_xdp() and its expected_attach_type can\nneither be of be BPF_XDP_DEVMAP nor BPF_XDP_CPUMAP. progA calls into a slot\nof a tailcall map it owns. progB's expected_attach_type must be BPF_XDP_DEVMAP\nto pass xdp_is_valid_access() validation. The program returns struct xdp_md's\negress_ifindex, and the latter is only allowed to be accessed under mentioned\nexpected_attach_type. progB is then inserted into the tailcall which progA\ncalls.\n\nThe underlying issue goes beyond XDP though. Another example are programs\nof type BPF_PROG_TYPE_CGROUP_SOCK_ADDR. sock_addr_is_valid_access() as well\nas sock_addr_func_proto() have different logic depending on the programs'\nexpected_attach_type. Similarly, a program attached to BPF_CGROUP_INET4_GETPEERNAME\nshould not be allowed doing a tailcall into a program which calls bpf_bind()\nout of BPF which is only enabled for BPF_CGROUP_INET4_CONNECT.\n\nIn short, specifying expected_attach_type allows to open up additional\nfunctionality or restrictions beyond what the basic bpf_prog_type enables.\nThe use of tailcalls must not violate these constraints. Fix it by enforcing\nexpected_attach_type in __bpf_prog_map_compatible().\n\nNote that we only enforce this for tailcall maps, but not for BPF devmaps or\ncpumaps: There, the programs are invoked through dev_map_bpf_prog_run*() and\ncpu_map_bpf_prog_run*() which set up a new environment / context and therefore\nthese situations are not prone to this issue.(CVE-2025-40123)\n\nIn the Linux kernel, a vulnerability exists in the blk-mq component: the return value of blk_mq_sysfs_register_hctxs() is not checked in __blk_mq_update_nr_hw_queues() function. If sysfs creation for hctx fails, later changing the number of hw_queues or removing disk will trigger kernel warnings. The issue occurs because kobject_del() is called unconditionally even when sysfs creation fails, leading to kernfs directory operation errors.(CVE-2025-40125)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.(CVE-2025-40129)\n\nIn the Linux kernel, there is a race condition between device manager (dm) suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes, causing q->tag_set to be a NULL pointer and leading to system crash. The vulnerability affects Linux kernel versions from 5.0 to 6.17.2.(CVE-2025-40134)\n\nIn the Linux kernel, a race condition vulnerability exists in the rtl8150 USB network driver's rtl8150_set_multicast function. The vulnerability occurs because rtl8150_set_multicast incorrectly calls netif_stop_queue and netif_wake_queue, causing TX queue synchronization issues. When rtl8150_set_multicast wakes up the TX queue before USB transfer completion, it may lead to double submission of URB in rtl8150_start_xmit, resulting in warnings and potential system instability.(CVE-2025-40140)\n\nIn the Linux kernel, a use-after-free vulnerability has been identified in the Bluetooth ISO module. This vulnerability is similar to the issue in sco_conn_free where if conn->sk is not set to NULL, it may lead to use-after-free in iso_conn_free.(CVE-2025-40141)\n\nA vulnerability was found in the Linux kernel where calling mprotect() on large hugetlb memory areas (approximately 300GB) can cause soft lockup issues. The CPU becomes stuck for extended periods, making the system unresponsive. This occurs because the hugetlb handling for large memory lacks proper scheduling opportunities, unlike THP or base pages which already have cond_resched() calls. Although the soft lockup was triggered by MTE, this is not MTE-specific - any processing that takes a long time in the loop may trigger soft lockup.(CVE-2025-40153)\n\nIn the Linux kernel, the usbnet driver contains a stack-based buffer overflow vulnerability. Syzbot reported warnings about using smp_processor_id() in preemptible code. This vulnerability may lead to stack buffer overflow, affecting system confidentiality, integrity, and availability. The vulnerability stems from the incorrect use of smp_processor_id() function in the usbnet_skb_return function within preemptible context.(CVE-2025-40164)\n\nIn the Linux kernel, a vulnerability has been found in the ext4 filesystem. When opening a verity file on a corrupted ext4 filesystem mounted without a journal, syzbot reported a BUG_ON in ext4_es_cache_extent(). The issue is that the filesystem has an inode with both the INLINE_DATA and EXTENTS flags set. This is an invalid combination since an inode should have either: INLINE_DATA (data stored directly in the inode) or EXTENTS (data stored in extent-mapped blocks). Having both flags causes ext4_has_inline_data() to return true, skipping extent tree validation in __ext4_iget(). The unvalidated out-of-order extents then trigger a BUG_ON in ext4_es_cache_extent() due to integer underflow when calculating hole sizes.(CVE-2025-40167)\n\nIn the Linux kernel, the check_alu_op() function in the BPF verifier contains a vulnerability when validating ALU operation instructions. The function validates BPF program instructions where the 'offset' field is a signed 16-bit integer. The original check condition 'insn->off > 1' was intended to ensure the offset is either 0 or 1 (for BPF_MOD/BPF_DIV operations). However, since 'insn->off' is signed, this check incorrectly accepts all negative values (e.g., -1). This vulnerability allows maliciously crafted BPF programs to bypass verification, potentially leading to privilege escalation and other security issues.(CVE-2025-40169)\n\nIn the Linux kernel, a vulnerability has been found in the nvmet-fc module. When multiple async commands are in flight from __nvmet_fc_send_ls_req, a tgtport reference is taken for each command. In the current code, only one put work item is queued at a time, which results in a leaked reference. This vulnerability affects multiple Linux kernel version branches.(CVE-2025-40171)\n\nIn the Linux kernel, a vulnerability has been identified in the net/ip6_tunnel module. Similar to IPv4 tunnel, IPv6 version also updates dev->needed_headroom. While IPv4 tunnel headroom adjustment growth was limited in commit 5ae1e9922bbd, the IPv6 tunnel continues to increase headroom without any ceiling. This vulnerability may lead to perpetual tunnel growth, affecting system confidentiality, integrity, and availability, with potential privilege escalation risks.(CVE-2025-40173)\n\nIn the Linux kernel, during asynchronous decryption in the TLS module, the tls_strp_msg_hold function is called to create a clone of the input skb to hold references to the memory it uses. If the allocation of this clone fails, proceeding with asynchronous decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned). In this case, the system should wait for all pending decryption requests to complete.(CVE-2025-40176)\n\nIn the Linux kernel, there is a NULL pointer dereference vulnerability in the pid_nr_ns function. When task_active_pid_ns returns null, it triggers kernel panic. The vulnerability manifests as kernel panic when task_active_pid_ns returns null in the pid_nr_ns function. The vulnerability example shows inability to handle kernel NULL pointer dereference errors, leading to system crash. The specific error is 'Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058', ultimately causing kernel panic and system crash.(CVE-2025-40178)\n\nIn the Linux kernel, the ext4 filesystem has a vulnerability: orphan files can be arbitrarily large in principle. However, orphan replay needs to traverse all content and pin all buffers in memory. Filesystems with absurdly large orphan files can lead to significant memory consumption. The vulnerability limits orphan file size to a sane value and uses kvmalloc() for allocating array of block descriptor structures to avoid large order allocations for large orphan files.(CVE-2025-40179)\n\nIn the Linux kernel, a memory leak vulnerability exists. Cilium's BPF egress gateway feature redirects K8s Pod traffic through vxlan tunnels to dedicated egress gateways. When using the bpf_redirect_neigh() helper to forward packets, vxlan allocates metadata_dst objects and attaches them to skb through fake dst entries. However, since bpf_redirect_neigh() only sets new dst entries without first dropping existing ones, the metadata_dst objects are never released, causing continuous increase in kmalloc-256 slab usage.(CVE-2025-40183)\n\nIn the Linux kernel, a NULL pointer dereference vulnerability exists in the SCTP protocol. When new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0, and sctp_ulpevent_make_authkey() returns 0, the variable ai_ev remains zero and this zero value will be dereferenced in the sctp_ulpevent_free() function.(CVE-2025-40187)\n\nIn the Linux kernel, there is a reference count underflow vulnerability in the ext4 file system. Syzkaller discovered a path where ext4_xattr_inode_update_ref() reads an EA inode refcount that is already <= 0 and then applies ref_change (often -1), causing the refcount to underflow and proceed with a bogus value, triggering errors like: EXT4-fs error: EA inode ref underflow, EXT4-fs warning: ea_inode dec ref err. The fix makes the invariant explicit: if the current refcount is non-positive, treat it as on-disk corruption, emit ext4_error_inode(), and fail the operation with -EFSCORRUPTED instead of updating the refcount.(CVE-2025-40190)\n\nIn the Linux kernel, the following vulnerability has been resolved: Revert \"ipmi: fix msg stack when IPMI is disconnected\". This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in a certain way. Apparently certain BMCs do misbehave this way because several reports have come in recently about this.(CVE-2025-40192)\n\nIn the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request(). The cpufreq_cpu_put() call in update_qos_request() takes place too early because the latter subsequently calls freq_qos_update_request() that indirectly accesses the policy object in question through the QoS request object passed to it. Fortunately, update_qos_request() is called under intel_pstate_driver_lock, so this issue does not matter for changing the intel_pstate operation mode, but it theoretically can cause a crash to occur on CPU device hot removal (which currently can only happen in virt, but it is formally supported nevertheless). Address this issue by modifying update_qos_request() to drop the reference to the policy later.(CVE-2025-40194)\n\nIn the Linux kernel, a buffer over-read vulnerability has been discovered in the parse_apply_sb_mount_options() function of the ext4 filesystem. Unlike other strings in the ext4 superblock, this vulnerability relies on tune2fs to ensure s_mount_opts is NUL terminated. The parse_apply_sb_mount_options() function has been hardened by treating s_mount_opts as a potential __nonstring.(CVE-2025-40198)\n\nIn the Linux kernel, a vulnerability has been identified in the Squashfs filesystem's squashfs_read_inode() function, which fails to properly validate input data and may accept negative file sizes. Syskaller reports a \"WARNING in ovl_copy_up_file\" in overlayfs. This warning is ultimately caused because the underlying Squashfs filesystem returns a file with a negative file size. This commit fixes the issue by checking for negative file sizes and returning EINVAL.(CVE-2025-40200)\n\nIn the Linux kernel, the sys_prlimit64() path has a race condition issue with the usage of task_lock(tsk->group_leader). When tsk != current and tsk is not a leader, this process can exit/exec and task_lock(tsk->group_leader) may use the already freed task_struct. Another problem is that sys_prlimit64() can race with mt-exec which changes ->group_leader. In this case do_prlimit() may take the wrong lock, or (worse) ->group_leader may change between task_lock() and task_unlock(). The fix changes sys_prlimit64() to take tasklist_lock when necessary.(CVE-2025-40201)\n\nIn the Linux kernel, the IPMI subsystem's user message limit handling had a number of issues, including improper counting in some cases and a use-after-free vulnerability. The vulnerability has been resolved by restructuring the handling to manage more in the receive message allocation routine, where all referencing and user message limit counts are now handled, making the process cleaner and safer. This vulnerability affects Linux Kernel versions from 5.19 to 6.18-rc1.(CVE-2025-40202)\n\nIn the Linux kernel, the SCTP protocol's MAC comparison implementation was vulnerable to timing attacks. This vulnerability allows attackers to infer MAC values through timing analysis, potentially bypassing security validation. The fix modifies the MAC comparison to use constant-time comparison to prevent timing attacks.(CVE-2025-40204)\n\nIn the Linux kernel, the netfilter nft_objref module has a validation bypass vulnerability. Referencing a synproxy stateful object from OUTPUT hook causes kernel crash due to infinite recursive calls. This vulnerability allows attackers to trigger kernel stack overflow through specially crafted nftables rules, leading to system crash. Validation functions for objref and objrefmap expressions have been implemented, currently only NFT_OBJECT_SYNPROXY object type requires validation.(CVE-2025-40206)\n\nIn the Linux kernel, a use-after-free vulnerability exists in the ACPI video subsystem. The switch_brightness_work delayed work accesses device->brightness and device->backlight, which are freed by acpi_video_dev_unregister_backlight() during device removal. If the work executes after acpi_video_bus_unregister_backlight() frees these resources, it causes a use-after-free when acpi_video_switch_brightness() dereferences device->brightness or device->backlight. The issue is fixed by calling cancel_delayed_work_sync() for each device's switch_brightness_work in acpi_video_bus_remove_notify_handler() after removing the notify handler that queues the work, ensuring the work completes before the memory is freed.(CVE-2025-40211)",
"category":"general",
"title":"Description"
},
{
"text":"An update for kernel is now available for openEuler-24.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
"category":"general",
"title":"Topic"
},
{
"text":"High",
"category":"general",
"title":"Severity"
},
{
"text":"kernel",
"category":"general",
"title":"Affected Component"
}
],
"publisher":{
"issuing_authority":"openEuler security committee",
"name":"openEuler",
"namespace":"https://www.openeuler.org",
"contact_details":"openeuler-security@openeuler.org",
"category":"vendor"
},
"references":[
{
"summary":"openEuler-SA-2025-2766",
"category":"self",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
},
{
"summary":"CVE-2024-36357",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36357&packageName=kernel"
},
{
"summary":"CVE-2025-21915",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21915&packageName=kernel"
},
{
"summary":"CVE-2025-22080",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22080&packageName=kernel"
},
{
"summary":"CVE-2025-23150",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-23150&packageName=kernel"
},
{
"summary":"CVE-2025-37785",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37785&packageName=kernel"
},
{
"summary":"CVE-2025-37828",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37828&packageName=kernel"
},
{
"summary":"CVE-2025-38084",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38084&packageName=kernel"
},
{
"summary":"CVE-2025-38100",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38100&packageName=kernel"
},
{
"summary":"CVE-2025-38173",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38173&packageName=kernel"
},
{
"summary":"CVE-2025-38214",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38214&packageName=kernel"
},
{
"summary":"CVE-2025-38581",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38581&packageName=kernel"
},
{
"summary":"CVE-2025-38705",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38705&packageName=kernel"
},
{
"summary":"CVE-2025-38717",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38717&packageName=kernel"
},
{
"summary":"CVE-2025-38729",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38729&packageName=kernel"
},
{
"summary":"CVE-2025-39692",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39692&packageName=kernel"
},
{
"summary":"CVE-2025-39694",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39694&packageName=kernel"
},
{
"summary":"CVE-2025-39703",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39703&packageName=kernel"
},
{
"summary":"CVE-2025-39751",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39751&packageName=kernel"
},
{
"summary":"CVE-2025-39931",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39931&packageName=kernel"
},
{
"summary":"CVE-2025-39938",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39938&packageName=kernel"
},
{
"summary":"CVE-2025-39940",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39940&packageName=kernel"
},
{
"summary":"CVE-2025-39964",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39964&packageName=kernel"
},
{
"summary":"CVE-2025-39992",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39992&packageName=kernel"
},
{
"summary":"CVE-2025-40012",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40012&packageName=kernel"
},
{
"summary":"CVE-2025-40035",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40035&packageName=kernel"
},
{
"summary":"CVE-2025-40043",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40043&packageName=kernel"
},
{
"summary":"CVE-2025-40048",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40048&packageName=kernel"
},
{
"summary":"CVE-2025-40053",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40053&packageName=kernel"
},
{
"summary":"CVE-2025-40055",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40055&packageName=kernel"
},
{
"summary":"CVE-2025-40082",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40082&packageName=kernel"
},
{
"summary":"CVE-2025-40084",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40084&packageName=kernel"
},
{
"summary":"CVE-2025-40088",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40088&packageName=kernel"
},
{
"summary":"CVE-2025-40109",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40109&packageName=kernel"
},
{
"summary":"CVE-2025-40110",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40110&packageName=kernel"
},
{
"summary":"CVE-2025-40120",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40120&packageName=kernel"
},
{
"summary":"CVE-2025-40123",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40123&packageName=kernel"
},
{
"summary":"CVE-2025-40125",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40125&packageName=kernel"
},
{
"summary":"CVE-2025-40129",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40129&packageName=kernel"
},
{
"summary":"CVE-2025-40134",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40134&packageName=kernel"
},
{
"summary":"CVE-2025-40140",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40140&packageName=kernel"
},
{
"summary":"CVE-2025-40141",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40141&packageName=kernel"
},
{
"summary":"CVE-2025-40153",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40153&packageName=kernel"
},
{
"summary":"CVE-2025-40164",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40164&packageName=kernel"
},
{
"summary":"CVE-2025-40167",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40167&packageName=kernel"
},
{
"summary":"CVE-2025-40169",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40169&packageName=kernel"
},
{
"summary":"CVE-2025-40171",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40171&packageName=kernel"
},
{
"summary":"CVE-2025-40173",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40173&packageName=kernel"
},
{
"summary":"CVE-2025-40176",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40176&packageName=kernel"
},
{
"summary":"CVE-2025-40178",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40178&packageName=kernel"
},
{
"summary":"CVE-2025-40179",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40179&packageName=kernel"
},
{
"summary":"CVE-2025-40183",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40183&packageName=kernel"
},
{
"summary":"CVE-2025-40187",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40187&packageName=kernel"
},
{
"summary":"CVE-2025-40190",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40190&packageName=kernel"
},
{
"summary":"CVE-2025-40192",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40192&packageName=kernel"
},
{
"summary":"CVE-2025-40194",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40194&packageName=kernel"
},
{
"summary":"CVE-2025-40198",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40198&packageName=kernel"
},
{
"summary":"CVE-2025-40200",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40200&packageName=kernel"
},
{
"summary":"CVE-2025-40201",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40201&packageName=kernel"
},
{
"summary":"CVE-2025-40202",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40202&packageName=kernel"
},
{
"summary":"CVE-2025-40204",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40204&packageName=kernel"
},
{
"summary":"CVE-2025-40206",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40206&packageName=kernel"
},
{
"summary":"CVE-2025-40211",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40211&packageName=kernel"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36357"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21915"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22080"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23150"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37785"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37828"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38084"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38100"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38173"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38214"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38581"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38705"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38717"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38729"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39692"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39694"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39703"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39751"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39931"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39938"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39940"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39964"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39992"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40012"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40035"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40043"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40048"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40053"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40055"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40082"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40084"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40088"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40109"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40110"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40120"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40123"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40125"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40129"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40134"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40140"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40141"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40153"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40164"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40167"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40169"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40171"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40173"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40176"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40178"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40179"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40183"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40187"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40190"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40192"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40194"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40198"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40200"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40201"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40202"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40204"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40206"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40211"
},
{
"summary":"openEuler-SA-2025-2766 vex file",
"category":"self",
"url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openEuler-SA-2025-2766.json"
}
],
"title":"An update for kernel is now available for openEuler-24.03-LTS-SP1",
"tracking":{
"initial_release_date":"2025-12-01T09:56:23+08:00",
"revision_history":[
{
"date":"2025-12-01T09:56:23+08:00",
"summary":"Initial",
"number":"1.0.0"
}
],
"generator":{
"date":"2025-12-01T09:56:23+08:00",
"engine":{
"name":"openEuler CSAF Tool V1.0"
}
},
"current_release_date":"2025-12-01T09:56:23+08:00",
"id":"openEuler-SA-2025-2766",
"version":"1.0.0",
"status":"final"
}
},
"product_tree":{
"branches":[
{
"name":"openEuler",
"category":"vendor",
"branches":[
{
"name":"openEuler",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"openEuler-24.03-LTS-SP1",
"name":"openEuler-24.03-LTS-SP1"
},
"name":"openEuler-24.03-LTS-SP1",
"category":"product_version"
}
],
"category":"product_name"
},
{
"name":"x86_64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm"
},
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"src",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-6.6.0-121.0.0.123.oe2403sp1.src.rpm",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.src.rpm"
},
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.src.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"aarch64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
},
"product_id":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm"
},
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"category":"product_version"
}
],
"category":"architecture"
}
]
}
],
"relationships":[
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-6.6.0-121.0.0.123.oe2403sp1.src.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.src as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"perf-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
"product_reference":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"name":"python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
},
"category":"default_component_of"
}
]
},
"vulnerabilities":[
{
"cve":"CVE-2024-36357",
"notes":[
{
"text":"A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.6,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2024-36357"
},
{
"cve":"CVE-2025-21915",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev->driver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-21915"
},
{
"cve":"CVE-2025-22080",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they're both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-22080"
},
{
"cve":"CVE-2025-23150",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \n\nThe following loop is located right above 'if' statement.\n\nfor (i = count-1; i >= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 > blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n'i' in this case could go down to -1, in which case sum of active entries\nwouldn't exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-23150"
},
{
"cve":"CVE-2025-37785",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains '.' dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least '.'\nand '..' as directory entries in the first data block. It first loads\nthe '.' dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of '..' dir\nentry (in ext4_next_entry). It assumes the '..' dir entry fits into the\nsame data block.\n\nIf the rec_len of '.' is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for '.' dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.1,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-37785"
},
{
"cve":"CVE-2025-37828",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()\n\nA race can occur between the MCQ completion path and the abort handler:\nonce a request completes, __blk_mq_free_request() sets rq->mq_hctx to\nNULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in\nufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is\ndereferenced, the kernel will crash.\n\nAdd a NULL check for the returned hwq pointer. If hwq is NULL, log an\nerror and return FAILED, preventing a potential NULL-pointer\ndereference. As suggested by Bart, the ufshcd_cmd_inflight() check is\nremoved.\n\nThis is similar to the fix in commit 74736103fb41 (\"scsi: ufs: core: Fix\nufshcd_abort_one racing issue\").\n\nThis is found by our static analysis tool KNighter.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-37828"
},
{
"cve":"CVE-2025-38084",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops->may_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.1,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-38084"
},
{
"cve":"CVE-2025-38100",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/iopl: Cure TIF_IO_BITMAP inconsistencies\n\nio_bitmap_exit() is invoked from exit_thread() when a task exists or\nwhen a fork fails. In the latter case the exit_thread() cleans up\nresources which were allocated during fork().\n\nio_bitmap_exit() invokes task_update_io_bitmap(), which in turn ends up\nin tss_update_io_bitmap(). tss_update_io_bitmap() operates on the\ncurrent task. If current has TIF_IO_BITMAP set, but no bitmap installed,\ntss_update_io_bitmap() crashes with a NULL pointer dereference.\n\nThere are two issues, which lead to that problem:\n\n 1) io_bitmap_exit() should not invoke task_update_io_bitmap() when\n the task, which is cleaned up, is not the current task. That's a\n clear indicator for a cleanup after a failed fork().\n\n 2) A task should not have TIF_IO_BITMAP set and neither a bitmap\n installed nor IOPL emulation level 3 activated.\n\n This happens when a kernel thread is created in the context of\n a user space thread, which has TIF_IO_BITMAP set as the thread\n flags are copied and the IO bitmap pointer is cleared.\n\n Other than in the failed fork() case this has no impact because\n kernel threads including IO workers never return to user space and\n therefore never invoke tss_update_io_bitmap().\n\nCure this by adding the missing cleanups and checks:\n\n 1) Prevent io_bitmap_exit() to invoke task_update_io_bitmap() if\n the to be cleaned up task is not the current task.\n\n 2) Clear TIF_IO_BITMAP in copy_thread() unconditionally. For user\n space forks it is set later, when the IO bitmap is inherited in\n io_bitmap_share().\n\nFor paranoia sake, add a warning into tss_update_io_bitmap() to catch\nthe case, when that code is invoked with inconsistent state.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-38100"
},
{
"cve":"CVE-2025-38173",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: marvell/cesa - Handle zero-length skcipher requests\n\nDo not access random memory for zero-length skcipher requests.\nJust return 0.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"LOW",
"baseScore":3.9,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Low",
"category":"impact"
}
],
"title":"CVE-2025-38173"
},
{
"cve":"CVE-2025-38214",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var\n\nIf fb_add_videomode() in fb_set_var() fails to allocate memory for\nfb_videomode, later it may lead to a null-ptr dereference in\nfb_videomode_to_var(), as the fb_info is registered while not having the\nmode in modelist that is expected to be there, i.e. the one that is\ndescribed in fb_info->var.\n\n================================================================\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\nCall Trace:\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl fs/ioctl.c:739 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n================================================================\n\nThe reason is that fb_info->var is being modified in fb_set_var(), and\nthen fb_videomode_to_var() is called. If it fails to add the mode to\nfb_info->modelist, fb_set_var() returns error, but does not restore the\nold value of fb_info->var. Restore fb_info->var on failure the same way\nit is done earlier in the function.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-38214"
},
{
"cve":"CVE-2025-38581",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo '0000:0a:00.2' > /sys/bus/pci/drivers/ccp/unbind\n$ echo '0000:0a:00.2' > /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-38581"
},
{
"cve":"CVE-2025-38705",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix null pointer access\n\nWriting a string without delimiters (' ', '\\n', '\\0') to the under\ngpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile\nwill result in a null pointer dereference.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-38705"
},
{
"cve":"CVE-2025-38717",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: kcm: Fix race condition in kcm_unattach()\n\nsyzbot found a race condition when kcm_unattach(psock)\nand kcm_release(kcm) are executed at the same time.\n\nkcm_unattach() is missing a check of the flag\nkcm->tx_stopped before calling queue_work().\n\nIf the kcm has a reserved psock, kcm_unattach() might get executed\nbetween cancel_work_sync() and unreserve_psock() in kcm_release(),\nrequeuing kcm->tx_work right before kcm gets freed in kcm_done().\n\nRemove kcm->tx_stopped and replace it by the less\nerror-prone disable_work_sync().",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-38717"
},
{
"cve":"CVE-2025-38729",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 power domain descriptors, too\n\nUAC3 power domain descriptors need to be verified with its variable\nbLength for avoiding the unexpected OOB accesses by malicious\nfirmware, too.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-38729"
},
{
"cve":"CVE-2025-39692",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()\n\nWe can't call destroy_workqueue(smb_direct_wq); before stop_sessions()!\n\nOtherwise already existing connections try to use smb_direct_wq as\na NULL pointer.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39692"
},
{
"cve":"CVE-2025-39694",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Fix SCCB present check\n\nTracing code called by the SCLP interrupt handler contains early exits\nif the SCCB address associated with an interrupt is NULL. This check is\nperformed after physical to virtual address translation.\n\nIf the kernel identity mapping does not start at address zero, the\nresulting virtual address is never zero, so that the NULL checks won't\nwork. Subsequently this may result in incorrect accesses to the first\npage of the identity mapping.\n\nFix this by introducing a function that handles the NULL case before\naddress translation.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39694"
},
{
"cve":"CVE-2025-39703",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can't hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\n\n[ 45.402911] Call Trace:\n[ 45.403105] \n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there's not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don't easily\nsee why it couldn't be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n┌────────────────┐ ┌────────────────┐\n│ veth0_to_hsr ├───┤ hsr_slave0 ┼───┐\n└────────────────┘ └────────────────┘ │\n │ ┌──────┐\n ├─┤ hsr0 ├───┐\n │ └──────┘ │\n┌────────────────┐ ┌────────────────┐ │ │┌────────┐\n│ veth1_to_hsr ┼───┤ hsr_slave1 ├───┘ └┤ │\n└────────────────┘ └────────────────┘ ┌┼ bridge │\n ││ │\n │└────────┘\n │\n ┌───────┐ │\n │ ... ├──────┘\n └───────┘\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39703"
},
{
"cve":"CVE-2025-39751",
"notes":[
{
"text":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-39751"
},
{
"cve":"CVE-2025-39931",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\n\nIf an error causes af_alg_sendmsg to abort, ctx->merge may contain\na garbage value from the previous loop. This may then trigger a\ncrash on the next entry into af_alg_sendmsg when it attempts to do\na merge that can't be done.\n\nFix this by setting ctx->merge to zero near the start of the loop.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-39931"
},
{
"cve":"CVE-2025-39938",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed\n\nIf earlier opening of source graph fails (e.g. ADSP rejects due to\nincorrect audioreach topology), the graph is closed and\n\"dai_data->graph[dai->id]\" is assigned NULL. Preparing the DAI for sink\ngraph continues though and next call to q6apm_lpass_dai_prepare()\nreceives dai_data->graph[dai->id]=NULL leading to NULL pointer\nexception:\n\n qcom-apm gprsvc:service:2:1: Error (1) Processing 0x01001002 cmd\n qcom-apm gprsvc:service:2:1: DSP returned error[1001002] 1\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: fail to start APM port 78\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: ASoC: error at snd_soc_pcm_dai_prepare on TX_CODEC_DMA_TX_3: -22\n Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a8\n ...\n Call trace:\n q6apm_graph_media_format_pcm+0x48/0x120 (P)\n q6apm_lpass_dai_prepare+0x110/0x1b4\n snd_soc_pcm_dai_prepare+0x74/0x108\n __soc_pcm_prepare+0x44/0x160\n dpcm_be_dai_prepare+0x124/0x1c0",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39938"
},
{
"cve":"CVE-2025-39940",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm-stripe: fix a possible integer overflow\n\nThere's a possible integer overflow in stripe_io_hints if we have too\nlarge chunk size. Test if the overflow happened, and if it did, don't set\nlimits->io_min and limits->io_opt;",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39940"
},
{
"cve":"CVE-2025-39964",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Disallow concurrent writes in af_alg_sendmsg\n\nIssuing two writes to the same af_alg socket is bogus as the\ndata will be interleaved in an unpredictable fashion. Furthermore,\nconcurrent writes may create inconsistencies in the internal\nsocket state.\n\nDisallow this by adding a new ctx->write field that indiciates\nexclusive ownership for writing.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-39964"
},
{
"cve":"CVE-2025-39992",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: check for stable address space before operating on the VMA\n\nIt is possible to hit a zero entry while traversing the vmas in unuse_mm()\ncalled from swapoff path and accessing it causes the OOPS:\n\nUnable to handle kernel NULL pointer dereference at virtual address\n0000000000000446--> Loading the memory from offset 0x40 on the\nXA_ZERO_ENTRY as address.\nMem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n\nThe issue is manifested from the below race between the fork() on a\nprocess and swapoff:\nfork(dup_mmap())\t\t\tswapoff(unuse_mm)\n--------------- -----------------\n1) Identical mtree is built using\n __mt_dup().\n\n2) copy_pte_range()-->\n\tcopy_nonpresent_pte():\n The dst mm is added into the\n mmlist to be visible to the\n swapoff operation.\n\n3) Fatal signal is sent to the parent\nprocess(which is the current during the\nfork) thus skip the duplication of the\nvmas and mark the vma range with\nXA_ZERO_ENTRY as a marker for this process\nthat helps during exit_mmap().\n\n\t\t\t\t 4) swapoff is tried on the\n\t\t\t\t\t'mm' added to the 'mmlist' as\n\t\t\t\t\tpart of the 2.\n\n\t\t\t\t 5) unuse_mm(), that iterates\n\t\t\t\t\tthrough the vma's of this 'mm'\n\t\t\t\t\twill hit the non-NULL zero entry\n\t\t\t\t\tand operating on this zero entry\n\t\t\t\t\tas a vma is resulting into the\n\t\t\t\t\toops.\n\nThe proper fix would be around not exposing this partially-valid tree to\nothers when droping the mmap lock, which is being solved with [1]. A\nsimpler solution would be checking for MMF_UNSTABLE, as it is set if\nmm_struct is not fully initialized in dup_mmap().\n\nThanks to Liam/Lorenzo/David for all the suggestions in fixing this\nissue.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-39992"
},
{
"cve":"CVE-2025-40012",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix warning in smc_rx_splice() when calling get_page()\n\nsmc_lo_register_dmb() allocates DMB buffers with kzalloc(), which are\nlater passed to get_page() in smc_rx_splice(). Since kmalloc memory is\nnot page-backed, this triggers WARN_ON_ONCE() in get_page() and prevents\nholding a refcount on the buffer. This can lead to use-after-free if\nthe memory is released before splice_to_pipe() completes.\n\nUse folio_alloc() instead, ensuring DMBs are page-backed and safe for\nget_page().\n\nWARNING: CPU: 18 PID: 12152 at ./include/linux/mm.h:1330 smc_rx_splice+0xaf8/0xe20 [smc]\nCPU: 18 UID: 0 PID: 12152 Comm: smcapp Kdump: loaded Not tainted 6.17.0-rc3-11705-g9cf4672ecfee #10 NONE\nHardware name: IBM 3931 A01 704 (z/VM 7.4.0)\nKrnl PSW : 0704e00180000000 000793161032696c (smc_rx_splice+0xafc/0xe20 [smc])\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\nKrnl GPRS: 0000000000000000 001cee80007d3001 00077400000000f8 0000000000000005\n 0000000000000001 001cee80007d3006 0007740000001000 001c000000000000\n 000000009b0c99e0 0000000000001000 001c0000000000f8 001c000000000000\n 000003ffcc6f7c88 0007740003e98000 0007931600000005 000792969b2ff7b8\nKrnl Code: 0007931610326960: af000000\t\tmc\t0,0\n 0007931610326964: a7f4ff43\t\tbrc\t15,00079316103267ea\n #0007931610326968: af000000\t\tmc\t0,0\n >000793161032696c: a7f4ff3f\t\tbrc\t15,00079316103267ea\n 0007931610326970: e320f1000004\tlg\t%r2,256(%r15)\n 0007931610326976: c0e53fd1b5f5\tbrasl\t%r14,000793168fd5d560\n 000793161032697c: a7f4fbb5\t\tbrc\t15,00079316103260e6\n 0007931610326980: b904002b\t\tlgr\t%r2,%r11\nCall Trace:\n smc_rx_splice+0xafc/0xe20 [smc]\n smc_rx_splice+0x756/0xe20 [smc])\n smc_rx_recvmsg+0xa74/0xe00 [smc]\n smc_splice_read+0x1ce/0x3b0 [smc]\n sock_splice_read+0xa2/0xf0\n do_splice_read+0x198/0x240\n splice_file_to_pipe+0x7e/0x110\n do_splice+0x59e/0xde0\n __do_splice+0x11a/0x2d0\n __s390x_sys_splice+0x140/0x1f0\n __do_syscall+0x122/0x280\n system_call+0x6e/0x90\nLast Breaking-Event-Address:\nsmc_rx_splice+0x960/0xe20 [smc]\n---[ end trace 0000000000000000 ]---",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40012"
},
{
"cve":"CVE-2025-40035",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nInput: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak\n\nStruct ff_effect_compat is embedded twice inside\nuinput_ff_upload_compat, contains internal padding. In particular, there\nis a hole after struct ff_replay to satisfy alignment requirements for\nthe following union member. Without clearing the structure,\ncopy_to_user() may leak stack data to userspace.\n\nInitialize ff_up_compat to zero before filling valid fields.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40035"
},
{
"cve":"CVE-2025-40043",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: nci: Add parameter validation for packet data\n\nSyzbot reported an uninitialized value bug in nci_init_req, which was\nintroduced by commit 5aca7966d2a7 (\"Merge tag\n'perf-tools-fixes-for-v6.17-2025-09-16' of\ngit://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools\").\n\nThis bug arises due to very limited and poor input validation\nthat was done at nic_valid_size(). This validation only\nvalidates the skb->len (directly reflects size provided at the\nuserspace interface) with the length provided in the buffer\nitself (interpreted as NCI_HEADER). This leads to the processing\nof memory content at the address assuming the correct layout\nper what opcode requires there. This leads to the accesses to\nbuffer of `skb_buff->data` which is not assigned anything yet.\n\nFollowing the same silent drop of packets of invalid sizes at\n`nic_valid_size()`, add validation of the data in the respective\nhandlers and return error values in case of failure. Release\nthe skb if error values are returned from handlers in\n`nci_nft_packet` and effectively do a silent drop\n\nPossible TODO: because we silently drop the packets, the\ncall to `nci_request` will be waiting for completion of request\nand will face timeouts. These timeouts can get excessively logged\nin the dmesg. A proper handling of them may require to export\n`nci_request_cancel` (or propagate error handling from the\nnft packets handlers).",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":6.3,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40043"
},
{
"cve":"CVE-2025-40048",
"notes":[
{
"text":"In the Linux kernel, a race condition vulnerability exists in the uio_hv_generic driver. The driver's default interrupt mask setting logic is flawed, as the interrupt mask value should be completely controlled by user space. If the mask bit gets changed by the driver concurrently with user mode operating on the ring, the mask bit may be set when it is supposed to be clear, causing the user-mode driver to miss an interrupt and leading to a system hang.\n\nSpecifically, when the driver sets the inbound ring buffer interrupt mask to 1, the host does not interrupt the guest on the UIO VMBus channel. However, setting the mask does not prevent the host from putting a message in the inbound ring buffer. This results in the host putting a message into the ring buffer without interruption. Subsequently, when user space code in the guest sets the inbound ring buffer interrupt mask to 0 and waits for an interrupt via pread(), since there's already a message in the ring buffer, no new interrupt is generated, causing pread() to wait indefinitely.\n\nThe fix removes all instances where interrupt_mask is changed, while keeping the one in set_event() unchanged to enable user space control of the interrupt mask by writing 0/1 to /dev/uioX.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":6.2,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40048"
},
{
"cve":"CVE-2025-40053",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dlink: handle copy_thresh allocation failure\n\nThe driver did not handle failure of `netdev_alloc_skb_ip_align()`.\nIf the allocation failed, dereferencing `skb->protocol` could lead to\na NULL pointer dereference.\n\nThis patch tries to allocate `skb`. If the allocation fails, it falls\nback to the normal path.\n\nTested-on: D-Link DGE-550T Rev-A3",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40053"
},
{
"cve":"CVE-2025-40055",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix double free in user_cluster_connect()\n\nuser_cluster_disconnect() frees \"conn->cc_private\" which is \"lc\" but then\nthe error handling frees \"lc\" a second time. Set \"lc\" to NULL on this\npath to avoid a double free.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40055"
},
{
"cve":"CVE-2025-40082",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nBUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\nRead of size 2 at addr ffff8880289ef218 by task syz.6.248/14290\n\nCPU: 0 UID: 0 PID: 14290 Comm: syz.6.248 Not tainted 6.16.4 #1 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x5f0 mm/kasan/report.c:482\n kasan_report+0xca/0x100 mm/kasan/report.c:595\n hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\n hfsplus_listxattr+0x5b6/0xbd0 fs/hfsplus/xattr.c:738\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe0e9fae16d\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fe0eae67f98 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3\nRAX: ffffffffffffffda RBX: 00007fe0ea205fa0 RCX: 00007fe0e9fae16d\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000\nRBP: 00007fe0ea0480f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fe0ea206038 R14: 00007fe0ea205fa0 R15: 00007fe0eae48000\n \n\nAllocated by task 14290:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4333 [inline]\n __kmalloc_noprof+0x219/0x540 mm/slub.c:4345\n kmalloc_noprof include/linux/slab.h:909 [inline]\n hfsplus_find_init+0x95/0x1f0 fs/hfsplus/bfind.c:21\n hfsplus_listxattr+0x331/0xbd0 fs/hfsplus/xattr.c:697\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nWhen hfsplus_uni2asc is called from hfsplus_listxattr,\nit actually passes in a struct hfsplus_attr_unistr*.\nThe size of the corresponding structure is different from that of hfsplus_unistr,\nso the previous fix (94458781aee6) is insufficient.\nThe pointer on the unicode buffer is still going beyond the allocated memory.\n\nThis patch introduces two warpper functions hfsplus_uni2asc_xattr_str and\nhfsplus_uni2asc_str to process two unicode buffers,\nstruct hfsplus_attr_unistr* and struct hfsplus_unistr* respectively.\nWhen ustrlen value is bigger than the allocated memory size,\nthe ustrlen value is limited to an safe size.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40082"
},
{
"cve":"CVE-2025-40084",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: transport_ipc: validate payload size before reading handle\n\nhandle_response() dereferences the payload as a 4-byte handle without\nverifying that the declared payload size is at least 4 bytes. A malformed\nor truncated message from ksmbd.mountd can lead to a 4-byte read past the\ndeclared payload size. Validate the size before dereferencing.\n\nThis is a minimal fix to guard the initial handle read.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40084"
},
{
"cve":"CVE-2025-40088",
"notes":[
{
"text":"In the Linux kernel, a buffer overflow vulnerability exists in the hfsplus_strcasecmp() function of the hfsplus filesystem. When the hfsplus_strcasecmp() logic is triggered, it causes a slab-out-of-bounds read, allowing attackers to read sensitive information from kernel memory. This vulnerability triggers KASAN-detected boundary check errors and could be exploited for information disclosure or system crash attacks.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40088"
},
{
"cve":"CVE-2025-40109",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure set_ent is always present. Ensure that set_ent is always set since only drbg provides it. The Linux kernel CVE team has assigned CVE-2025-40109 to this issue.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40109"
},
{
"cve":"CVE-2025-40110",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix a null-ptr access in the cursor snooper\n\nCheck that the resource which is converted to a surface exists before\ntrying to use the cursor snooper on it.\n\nvmw_cmd_res_check allows explicit invalid (SVGA3D_INVALID_ID) identifiers\nbecause some svga commands accept SVGA3D_INVALID_ID to mean \"no surface\",\nunfortunately functions that accept the actual surfaces as objects might\n(and in case of the cursor snooper, do not) be able to handle null\nobjects. Make sure that we validate not only the identifier (via the\nvmw_cmd_res_check) but also check that the actual resource exists before\ntrying to do something with it.\n\nFixes unchecked null-ptr reference in the snooping code.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40110"
},
{
"cve":"CVE-2025-40120",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock\n\nPrevent USB runtime PM (autosuspend) for AX88772* in bind.\n\nusbnet enables runtime PM (autosuspend) by default, so disabling it via\nthe usb_driver flag is ineffective. On AX88772B, autosuspend shows no\nmeasurable power saving with current driver (no link partner, admin\nup/down). The ~0.453 W -> ~0.248 W drop on v6.1 comes from phylib powering\nthe PHY off on admin-down, not from USB autosuspend.\n\nThe real hazard is that with runtime PM enabled, ndo_open() (under RTNL)\nmay synchronously trigger autoresume (usb_autopm_get_interface()) into\nasix_resume() while the USB PM lock is held. Resume paths then invoke\nphylink/phylib and MDIO, which also expect RTNL, leading to possible\ndeadlocks or PM lock vs MDIO wake issues.\n\nTo avoid this, keep the device runtime-PM active by taking a usage\nreference in ax88772_bind() and dropping it in unbind(). A non-zero PM\nusage count blocks runtime suspend regardless of userspace policy\n(.../power/control - pm_runtime_allow/forbid), making this approach\nrobust against sysfs overrides.\n\nHolding a runtime-PM usage ref does not affect system-wide suspend;\nsystem sleep/resume callbacks continue to run as before.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40120"
},
{
"cve":"CVE-2025-40123",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Enforce expected_attach_type for tailcall compatibility\n\nYinhao et al. recently reported:\n\n Our fuzzer tool discovered an uninitialized pointer issue in the\n bpf_prog_test_run_xdp() function within the Linux kernel's BPF subsystem.\n This leads to a NULL pointer dereference when a BPF program attempts to\n deference the txq member of struct xdp_buff object.\n\nThe test initializes two programs of BPF_PROG_TYPE_XDP: progA acts as the\nentry point for bpf_prog_test_run_xdp() and its expected_attach_type can\nneither be of be BPF_XDP_DEVMAP nor BPF_XDP_CPUMAP. progA calls into a slot\nof a tailcall map it owns. progB's expected_attach_type must be BPF_XDP_DEVMAP\nto pass xdp_is_valid_access() validation. The program returns struct xdp_md's\negress_ifindex, and the latter is only allowed to be accessed under mentioned\nexpected_attach_type. progB is then inserted into the tailcall which progA\ncalls.\n\nThe underlying issue goes beyond XDP though. Another example are programs\nof type BPF_PROG_TYPE_CGROUP_SOCK_ADDR. sock_addr_is_valid_access() as well\nas sock_addr_func_proto() have different logic depending on the programs'\nexpected_attach_type. Similarly, a program attached to BPF_CGROUP_INET4_GETPEERNAME\nshould not be allowed doing a tailcall into a program which calls bpf_bind()\nout of BPF which is only enabled for BPF_CGROUP_INET4_CONNECT.\n\nIn short, specifying expected_attach_type allows to open up additional\nfunctionality or restrictions beyond what the basic bpf_prog_type enables.\nThe use of tailcalls must not violate these constraints. Fix it by enforcing\nexpected_attach_type in __bpf_prog_map_compatible().\n\nNote that we only enforce this for tailcall maps, but not for BPF devmaps or\ncpumaps: There, the programs are invoked through dev_map_bpf_prog_run*() and\ncpu_map_bpf_prog_run*() which set up a new environment / context and therefore\nthese situations are not prone to this issue.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.4,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40123"
},
{
"cve":"CVE-2025-40125",
"notes":[
{
"text":"In the Linux kernel, a vulnerability exists in the blk-mq component: the return value of blk_mq_sysfs_register_hctxs() is not checked in __blk_mq_update_nr_hw_queues() function. If sysfs creation for hctx fails, later changing the number of hw_queues or removing disk will trigger kernel warnings. The issue occurs because kobject_del() is called unconditionally even when sysfs creation fails, leading to kernfs directory operation errors.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40125"
},
{
"cve":"CVE-2025-40129",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40129"
},
{
"cve":"CVE-2025-40134",
"notes":[
{
"text":"In the Linux kernel, there is a race condition between device manager (dm) suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes, causing q->tag_set to be a NULL pointer and leading to system crash. The vulnerability affects Linux kernel versions from 5.0 to 6.17.2.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40134"
},
{
"cve":"CVE-2025-40140",
"notes":[
{
"text":"In the Linux kernel, a race condition vulnerability exists in the rtl8150 USB network driver's rtl8150_set_multicast function. The vulnerability occurs because rtl8150_set_multicast incorrectly calls netif_stop_queue and netif_wake_queue, causing TX queue synchronization issues. When rtl8150_set_multicast wakes up the TX queue before USB transfer completion, it may lead to double submission of URB in rtl8150_start_xmit, resulting in warnings and potential system instability.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40140"
},
{
"cve":"CVE-2025-40141",
"notes":[
{
"text":"In the Linux kernel, a use-after-free vulnerability has been identified in the Bluetooth ISO module. This vulnerability is similar to the issue in sco_conn_free where if conn->sk is not set to NULL, it may lead to use-after-free in iso_conn_free.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-40141"
},
{
"cve":"CVE-2025-40153",
"notes":[
{
"text":"A vulnerability was found in the Linux kernel where calling mprotect() on large hugetlb memory areas (approximately 300GB) can cause soft lockup issues. The CPU becomes stuck for extended periods, making the system unresponsive. This occurs because the hugetlb handling for large memory lacks proper scheduling opportunities, unlike THP or base pages which already have cond_resched() calls. Although the soft lockup was triggered by MTE, this is not MTE-specific - any processing that takes a long time in the loop may trigger soft lockup.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-40153"
},
{
"cve":"CVE-2025-40164",
"notes":[
{
"text":"In the Linux kernel, the usbnet driver contains a stack-based buffer overflow vulnerability. Syzbot reported warnings about using smp_processor_id() in preemptible code. This vulnerability may lead to stack buffer overflow, affecting system confidentiality, integrity, and availability. The vulnerability stems from the incorrect use of smp_processor_id() function in the usbnet_skb_return function within preemptible context.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"LOW",
"baseScore":2.3,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Low",
"category":"impact"
}
],
"title":"CVE-2025-40164"
},
{
"cve":"CVE-2025-40167",
"notes":[
{
"text":"In the Linux kernel, a vulnerability has been found in the ext4 filesystem. When opening a verity file on a corrupted ext4 filesystem mounted without a journal, syzbot reported a BUG_ON in ext4_es_cache_extent(). The issue is that the filesystem has an inode with both the INLINE_DATA and EXTENTS flags set. This is an invalid combination since an inode should have either: INLINE_DATA (data stored directly in the inode) or EXTENTS (data stored in extent-mapped blocks). Having both flags causes ext4_has_inline_data() to return true, skipping extent tree validation in __ext4_iget(). The unvalidated out-of-order extents then trigger a BUG_ON in ext4_es_cache_extent() due to integer underflow when calculating hole sizes.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.8,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40167"
},
{
"cve":"CVE-2025-40169",
"notes":[
{
"text":"In the Linux kernel, the check_alu_op() function in the BPF verifier contains a vulnerability when validating ALU operation instructions. The function validates BPF program instructions where the 'offset' field is a signed 16-bit integer. The original check condition 'insn->off > 1' was intended to ensure the offset is either 0 or 1 (for BPF_MOD/BPF_DIV operations). However, since 'insn->off' is signed, this check incorrectly accepts all negative values (e.g., -1). This vulnerability allows maliciously crafted BPF programs to bypass verification, potentially leading to privilege escalation and other security issues.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40169"
},
{
"cve":"CVE-2025-40171",
"notes":[
{
"text":"In the Linux kernel, a vulnerability has been found in the nvmet-fc module. When multiple async commands are in flight from __nvmet_fc_send_ls_req, a tgtport reference is taken for each command. In the current code, only one put work item is queued at a time, which results in a leaked reference. This vulnerability affects multiple Linux kernel version branches.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40171"
},
{
"cve":"CVE-2025-40173",
"notes":[
{
"text":"In the Linux kernel, a vulnerability has been identified in the net/ip6_tunnel module. Similar to IPv4 tunnel, IPv6 version also updates dev->needed_headroom. While IPv4 tunnel headroom adjustment growth was limited in commit 5ae1e9922bbd, the IPv6 tunnel continues to increase headroom without any ceiling. This vulnerability may lead to perpetual tunnel growth, affecting system confidentiality, integrity, and availability, with potential privilege escalation risks.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.1,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40173"
},
{
"cve":"CVE-2025-40176",
"notes":[
{
"text":"In the Linux kernel, during asynchronous decryption in the TLS module, the tls_strp_msg_hold function is called to create a clone of the input skb to hold references to the memory it uses. If the allocation of this clone fails, proceeding with asynchronous decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned). In this case, the system should wait for all pending decryption requests to complete.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.3,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-40176"
},
{
"cve":"CVE-2025-40178",
"notes":[
{
"text":"In the Linux kernel, there is a NULL pointer dereference vulnerability in the pid_nr_ns function. When task_active_pid_ns returns null, it triggers kernel panic. The vulnerability manifests as kernel panic when task_active_pid_ns returns null in the pid_nr_ns function. The vulnerability example shows inability to handle kernel NULL pointer dereference errors, leading to system crash. The specific error is 'Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058', ultimately causing kernel panic and system crash.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.1,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40178"
},
{
"cve":"CVE-2025-40179",
"notes":[
{
"text":"In the Linux kernel, the ext4 filesystem has a vulnerability: orphan files can be arbitrarily large in principle. However, orphan replay needs to traverse all content and pin all buffers in memory. Filesystems with absurdly large orphan files can lead to significant memory consumption. The vulnerability limits orphan file size to a sane value and uses kvmalloc() for allocating array of block descriptor structures to avoid large order allocations for large orphan files.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40179"
},
{
"cve":"CVE-2025-40183",
"notes":[
{
"text":"In the Linux kernel, a memory leak vulnerability exists. Cilium's BPF egress gateway feature redirects K8s Pod traffic through vxlan tunnels to dedicated egress gateways. When using the bpf_redirect_neigh() helper to forward packets, vxlan allocates metadata_dst objects and attaches them to skb through fake dst entries. However, since bpf_redirect_neigh() only sets new dst entries without first dropping existing ones, the metadata_dst objects are never released, causing continuous increase in kmalloc-256 slab usage.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.4,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40183"
},
{
"cve":"CVE-2025-40187",
"notes":[
{
"text":"In the Linux kernel, a NULL pointer dereference vulnerability exists in the SCTP protocol. When new_asoc->peer.adaptation_ind=0 and sctp_ulpevent_make_authkey=0, and sctp_ulpevent_make_authkey() returns 0, the variable ai_ev remains zero and this zero value will be dereferenced in the sctp_ulpevent_free() function.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.7,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40187"
},
{
"cve":"CVE-2025-40190",
"notes":[
{
"text":"In the Linux kernel, there is a reference count underflow vulnerability in the ext4 file system. Syzkaller discovered a path where ext4_xattr_inode_update_ref() reads an EA inode refcount that is already <= 0 and then applies ref_change (often -1), causing the refcount to underflow and proceed with a bogus value, triggering errors like: EXT4-fs error: EA inode ref underflow, EXT4-fs warning: ea_inode dec ref err. The fix makes the invariant explicit: if the current refcount is non-positive, treat it as on-disk corruption, emit ext4_error_inode(), and fail the operation with -EFSCORRUPTED instead of updating the refcount.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-40190"
},
{
"cve":"CVE-2025-40192",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved: Revert \"ipmi: fix msg stack when IPMI is disconnected\". This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in a certain way. Apparently certain BMCs do misbehave this way because several reports have come in recently about this.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40192"
},
{
"cve":"CVE-2025-40194",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request(). The cpufreq_cpu_put() call in update_qos_request() takes place too early because the latter subsequently calls freq_qos_update_request() that indirectly accesses the policy object in question through the QoS request object passed to it. Fortunately, update_qos_request() is called under intel_pstate_driver_lock, so this issue does not matter for changing the intel_pstate operation mode, but it theoretically can cause a crash to occur on CPU device hot removal (which currently can only happen in virt, but it is formally supported nevertheless). Address this issue by modifying update_qos_request() to drop the reference to the policy later.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.8,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40194"
},
{
"cve":"CVE-2025-40198",
"notes":[
{
"text":"In the Linux kernel, a buffer over-read vulnerability has been discovered in the parse_apply_sb_mount_options() function of the ext4 filesystem. Unlike other strings in the ext4 superblock, this vulnerability relies on tune2fs to ensure s_mount_opts is NUL terminated. The parse_apply_sb_mount_options() function has been hardened by treating s_mount_opts as a potential __nonstring.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.4,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40198"
},
{
"cve":"CVE-2025-40200",
"notes":[
{
"text":"In the Linux kernel, a vulnerability has been identified in the Squashfs filesystem's squashfs_read_inode() function, which fails to properly validate input data and may accept negative file sizes. Syskaller reports a \"WARNING in ovl_copy_up_file\" in overlayfs. This warning is ultimately caused because the underlying Squashfs filesystem returns a file with a negative file size. This commit fixes the issue by checking for negative file sizes and returning EINVAL.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.4,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40200"
},
{
"cve":"CVE-2025-40201",
"notes":[
{
"text":"In the Linux kernel, the sys_prlimit64() path has a race condition issue with the usage of task_lock(tsk->group_leader). When tsk != current and tsk is not a leader, this process can exit/exec and task_lock(tsk->group_leader) may use the already freed task_struct. Another problem is that sys_prlimit64() can race with mt-exec which changes ->group_leader. In this case do_prlimit() may take the wrong lock, or (worse) ->group_leader may change between task_lock() and task_unlock(). The fix changes sys_prlimit64() to take tasklist_lock when necessary.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.8,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40201"
},
{
"cve":"CVE-2025-40202",
"notes":[
{
"text":"In the Linux kernel, the IPMI subsystem's user message limit handling had a number of issues, including improper counting in some cases and a use-after-free vulnerability. The vulnerability has been resolved by restructuring the handling to manage more in the receive message allocation routine, where all referencing and user message limit counts are now handled, making the process cleaner and safer. This vulnerability affects Linux Kernel versions from 5.19 to 6.18-rc1.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40202"
},
{
"cve":"CVE-2025-40204",
"notes":[
{
"text":"In the Linux kernel, the SCTP protocol's MAC comparison implementation was vulnerable to timing attacks. This vulnerability allows attackers to infer MAC values through timing analysis, potentially bypassing security validation. The fix modifies the MAC comparison to use constant-time comparison to prevent timing attacks.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.3,
"vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40204"
},
{
"cve":"CVE-2025-40206",
"notes":[
{
"text":"In the Linux kernel, the netfilter nft_objref module has a validation bypass vulnerability. Referencing a synproxy stateful object from OUTPUT hook causes kernel crash due to infinite recursive calls. This vulnerability allows attackers to trigger kernel stack overflow through specially crafted nftables rules, leading to system crash. Validation functions for objref and objrefmap expressions have been implemented, currently only NFT_OBJECT_SYNPROXY object type requires validation.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":4.4,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40206"
},
{
"cve":"CVE-2025-40211",
"notes":[
{
"text":"In the Linux kernel, a use-after-free vulnerability exists in the ACPI video subsystem. The switch_brightness_work delayed work accesses device->brightness and device->backlight, which are freed by acpi_video_dev_unregister_backlight() during device removal. If the work executes after acpi_video_bus_unregister_backlight() frees these resources, it causes a use-after-free when acpi_video_switch_brightness() dereferences device->brightness or device->backlight. The issue is fixed by calling cancel_delayed_work_sync() for each device's switch_brightness_work in acpi_video_bus_remove_notify_handler() after removing the notify handler that queues the work, ensuring the work completes before the memory is freed.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2766"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.x86_64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.src",
"openEuler-24.03-LTS-SP1:bpftool-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-121.0.0.123.oe2403sp1.aarch64",
"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-121.0.0.123.oe2403sp1.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-40211"
}
]
}