{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP4", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:kernel/resource: fix kfree() of bootmem memory againSince commit ebff7d8f270d ( mem hotunplug: fix kfree() of bootmemmemory ), we could get a resource allocated during boot viaalloc_resource(). And it s required to release the resource usingfree_resource(). Howerver, many people use kfree directly which willresult in kernel BUG. In order to fix this without fixing every callsite, just leak a couple of bytes in such corner case.(CVE-2022-49190)\n\nIn the Linux kernel, the following vulnerability has been resolved:drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback()There is a deadlock in rtw_surveydone_event_callback(),which is shown below: (Thread 1) | (Thread 2) | _set_timer()rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ...We hold pmlmepriv->lock in position (1) of thread 1 and usedel_timer_sync() to wait timer to stop, but timer handleralso need pmlmepriv->lock in position (2) of thread 2.As a result, rtw_surveydone_event_callback() will block forever.This patch extracts del_timer_sync() from the protection ofspin_lock_bh(), which could let timer handler to obtainthe needed lock. What`s more, we change spin_lock_bh() inrtw_scan_timeout_handler() to spin_lock_irq(). Otherwise,spin_lock_bh() will also cause deadlock() in timer handler.(CVE-2022-49309)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/scheduler: fix fence ref counting\n\nWe leaked dependency fences when processes were beeing killed.\n\nAdditional to that grab a reference to the last scheduled fence.(CVE-2022-49829)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: fix random warning message when driver load\n\nWarning log:\n[ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code!\n[ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-g2fd9ae1b568c #20\n[ 4.158010] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.163155] Call trace:\n[ 4.165600] dump_backtrace+0x0/0x1b0\n[ 4.169286] show_stack+0x18/0x68\n[ 4.172611] dump_stack_lvl+0x68/0x84\n[ 4.176286] dump_stack+0x18/0x34\n[ 4.179613] kmalloc_fix_flags+0x60/0x88\n[ 4.183550] new_slab+0x334/0x370\n[ 4.186878] ___slab_alloc.part.108+0x4d4/0x748\n[ 4.191419] __slab_alloc.isra.109+0x30/0x78\n[ 4.195702] kmem_cache_alloc+0x40c/0x420\n[ 4.199725] dma_pool_alloc+0xac/0x1f8\n[ 4.203486] cdns3_allocate_trb_pool+0xb4/0xd0\n\npool_alloc_page(struct dma_pool *pool, gfp_t mem_flags)\n{\n\t...\n\tpage = kmalloc(sizeof(*page), mem_flags);\n\tpage->vaddr = dma_alloc_coherent(pool->dev, pool->allocation,\n\t\t\t\t\t &page->dma, mem_flags);\n\t...\n}\n\nkmalloc was called with mem_flags, which is passed down in\ncdns3_allocate_trb_pool() and have GFP_DMA32 flags.\nkmall_fix_flags() report warning.\n\nGFP_DMA32 is not useful at all. dma_alloc_coherent() will handle\nDMA memory region correctly by pool->dev. GFP_DMA32 can be removed\nsafely.(CVE-2022-50151)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nof: check previous kernel's ima-kexec-buffer against memory bounds\n\nPresently ima_get_kexec_buffer() doesn't check if the previous kernel's\nima-kexec-buffer lies outside the addressable memory range. This can result\nin a kernel panic if the new kernel is booted with 'mem=X' arg and the\nima-kexec-buffer was allocated beyond that range by the previous kernel.\nThe panic is usually of the form below:\n\n$ sudo kexec --initrd initrd vmlinux --append='mem=16G'\n\n\n BUG: Unable to handle kernel data access on read at 0xc000c01fff7f0000\n Faulting instruction address: 0xc000000000837974\n Oops: Kernel access of bad area, sig: 11 [#1]\n\n NIP [c000000000837974] ima_restore_measurement_list+0x94/0x6c0\n LR [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160\n Call Trace:\n [c00000000371fa80] [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160\n [c00000000371fb00] [c0000000020512c4] ima_init+0x80/0x108\n [c00000000371fb70] [c0000000020514dc] init_ima+0x4c/0x120\n [c00000000371fbf0] [c000000000012240] do_one_initcall+0x60/0x2c0\n [c00000000371fcc0] [c000000002004ad0] kernel_init_freeable+0x344/0x3ec\n [c00000000371fda0] [c0000000000128a4] kernel_init+0x34/0x1b0\n [c00000000371fe10] [c00000000000ce64] ret_from_kernel_thread+0x5c/0x64\n Instruction dump:\n f92100b8 f92100c0 90e10090 910100a0 4182050c 282a0017 3bc00000 40810330\n 7c0802a6 fb610198 7c9b2378 f80101d0 2c090001 40820614 e9240010\n ---[ end trace 0000000000000000 ]---\n\nFix this issue by checking returned PFN range of previous kernel's\nima-kexec-buffer with page_is_ram() to ensure correct memory bounds.(CVE-2022-50159)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: Use different devices for resource allocation and DT lookup\n\nFollowing by the below discussion, there's the potential UAF issue\nbetween regulator and mfd.\nhttps://lore.kernel.org/all/(CVE-2022-50616)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: do not run mt76u_status_worker if the device is not running\n\nFix the following NULL pointer dereference avoiding to run\nmt76u_status_worker thread if the device is not running yet.\n\nKASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\nCPU: 0 PID: 98 Comm: kworker/u2:2 Not tainted 5.14.0+ #78 Hardware\nname: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nWorkqueue: mt76 mt76u_tx_status_data\nRIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0\nCode: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>\nb6\n04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7\nRSP: 0018:ffffc900005af988 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a\nRBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c\nR10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8\nR13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28\nFS: 0000000000000000(0000) GS:ffff88811aa00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n mt76x02_send_tx_status+0x1d2/0xeb0\n mt76x02_tx_status_data+0x8e/0xd0\n mt76u_tx_status_data+0xe1/0x240\n process_one_work+0x92b/0x1460\n worker_thread+0x95/0xe00\n kthread+0x3a1/0x480\n ret_from_fork+0x1f/0x30\nModules linked in:\n--[ end trace 8df5d20fc5040f65 ]--\nRIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0\nCode: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>\nb6\n04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7\nRSP: 0018:ffffc900005af988 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a\nRBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c\nR10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8\nR13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28\nFS: 0000000000000000(0000) GS:ffff88811aa00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0\nPKRU: 55555554\n\nMoreover move stat_work schedule out of the for loop.(CVE-2022-50735)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.(CVE-2023-52927)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle\n\nKASAN reported a null-ptr-deref error:\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 1373 Comm: modprobe\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:dmi_sysfs_entry_release\n...\nCall Trace:\n \n kobject_put\n dmi_sysfs_register_handle (drivers/firmware/dmi-sysfs.c:540) dmi_sysfs\n dmi_decode_table (drivers/firmware/dmi_scan.c:133)\n dmi_walk (drivers/firmware/dmi_scan.c:1115)\n dmi_sysfs_init (drivers/firmware/dmi-sysfs.c:149) dmi_sysfs\n do_one_initcall (init/main.c:1296)\n ...\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x4000000 from 0xffffffff81000000\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nIt is because previous patch added kobject_put() to release the memory\nwhich will call dmi_sysfs_entry_release() and list_del().\n\nHowever, list_add_tail(entry->list) is called after the error block,\nso the list_head is uninitialized and cannot be deleted.\n\nMove error handling to after list_add_tail to fix this.(CVE-2023-53250)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncacheinfo: Fix shared_cpu_map to handle shared caches at different levels\n\nThe cacheinfo sets up the shared_cpu_map by checking whether the caches\nwith the same index are shared between CPUs. However, this will trigger\nslab-out-of-bounds access if the CPUs do not have the same cache hierarchy.\nAnother problem is the mismatched shared_cpu_map when the shared cache does\nnot have the same index between CPUs.\n\nCPU0\tI\tD\tL3\nindex\t0\t1\t2\tx\n\t^\t^\t^\t^\nindex\t0\t1\t2\t3\nCPU1\tI\tD\tL2\tL3\n\nThis patch checks each cache is shared with all caches on other CPUs.(CVE-2023-53254)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_intf_remove()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses]\nRead of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013\n\nWhen edev->components is zero, accessing edev->component[0] members is\nwrong.(CVE-2023-53521)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix resource leak in device_add()\n\nWhen calling kobject_add() failed in device_add(), it will call\ncleanup_glue_dir() to free resource. But in kobject_add(),\ndev->kobj.parent has been set to NULL. This will cause resource leak.\n\nThe process is as follows:\ndevice_add()\n\tget_device_parent()\n\t\tclass_dir_create_and_add()\n\t\t\tkobject_add()\t\t//kobject_get()\n\t...\n\tdev->kobj.parent = kobj;\n\t...\n\tkobject_add()\t\t//failed, but set dev->kobj.parent = NULL\n\t...\n\tglue_dir = get_glue_dir(dev)\t//glue_dir = NULL, and goto\n\t\t\t\t\t//\"Error\" label\n\t...\n\tcleanup_glue_dir()\t//becaues glue_dir is NULL, not call\n\t\t\t\t//kobject_put()\n\nThe preceding problem may cause insmod mac80211_hwsim.ko to failed.\nsysfs: cannot create duplicate filename '/devices/virtual/mac80211_hwsim'\nCall Trace:\n\ndump_stack_lvl+0x8e/0xd1\nsysfs_warn_dup.cold+0x1c/0x29\nsysfs_create_dir_ns+0x224/0x280\nkobject_add_internal+0x2aa/0x880\nkobject_add+0x135/0x1a0\nget_device_parent+0x3d7/0x590\ndevice_add+0x2aa/0x1cb0\ndevice_create_groups_vargs+0x1eb/0x260\ndevice_create+0xdc/0x110\nmac80211_hwsim_new_radio+0x31e/0x4790 [mac80211_hwsim]\ninit_mac80211_hwsim+0x48d/0x1000 [mac80211_hwsim]\ndo_one_initcall+0x10f/0x630\ndo_init_module+0x19f/0x5e0\nload_module+0x64b7/0x6eb0\n__do_sys_finit_module+0x140/0x200\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nkobject_add_internal failed for mac80211_hwsim with -EEXIST, don't try to\nregister things with the same name in the same directory.(CVE-2023-53594)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9317/1: kexec: Make smp stop calls asynchronous\n\nIf a panic is triggered by a hrtimer interrupt all online cpus will be\nnotified and set offline. But as highlighted by commit 19dbdcb8039c\n(\"smp: Warn on function calls from softirq context\") this call should\nnot be made synchronous with disabled interrupts:\n\n softdog: Initiating panic\n Kernel panic - not syncing: Software Watchdog Timer expired\n WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp_call_function_many_cond\n unwind_backtrace:\n show_stack\n dump_stack_lvl\n __warn\n warn_slowpath_fmt\n smp_call_function_many_cond\n smp_call_function\n crash_smp_send_stop.part.0\n machine_crash_shutdown\n __crash_kexec\n panic\n softdog_fire\n __hrtimer_run_queues\n hrtimer_interrupt\n\nMake the smp call for machine_crash_nonpanic_core() asynchronous.(CVE-2023-53712)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: early: xhci-dbc: Fix a potential out-of-bound memory access\n\nIf xdbc_bulk_write() fails, the values in 'buf' can be anything. So the\nstring is not guaranteed to be NULL terminated when xdbc_trace() is called.\n\nReserve an extra byte, which will be zeroed automatically because 'buf' is\na static variable, in order to avoid troubles, should it happen.(CVE-2023-53840)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Prevent handling any completions after qp destroy\n\nHW may generate completions that indicates QP is destroyed.\nDriver should not be scheduling any more completion handlers\nfor this QP, after the QP is destroyed. Since CQs are active\nduring the QP destroy, driver may still schedule completion\nhandlers. This can cause a race where the destroy_cq and poll_cq\nrunning simultaneously.\n\nSnippet of kernel panic while doing bnxt_re driver load unload in loop.\nThis indicates a poll after the CQ is freed. \n\n[77786.481636] Call Trace:\n[77786.481640]  \n[77786.481644]  bnxt_re_poll_cq+0x14a/0x620 [bnxt_re]\n[77786.481658]  ? kvm_clock_read+0x14/0x30\n[77786.481693]  __ib_process_cq+0x57/0x190 [ib_core]\n[77786.481728]  ib_cq_poll_work+0x26/0x80 [ib_core]\n[77786.481761]  process_one_work+0x1e5/0x3f0\n[77786.481768]  worker_thread+0x50/0x3a0\n[77786.481785]  ? __pfx_worker_thread+0x10/0x10\n[77786.481790]  kthread+0xe2/0x110\n[77786.481794]  ? __pfx_kthread+0x10/0x10\n[77786.481797]  ret_from_fork+0x2c/0x50\n\nTo avoid this, complete all completion handlers before returning the\ndestroy QP. If free_cq is called soon after destroy_qp, IB stack\nwill cancel the CQ work before invoking the destroy_cq verb and\nthis will prevent any race mentioned.(CVE-2023-54048)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log\n\nIt's trivial for user to trigger \"verifier log line truncated\" warning,\nas verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at\nleast two pieces of user-provided information that can be output through\nthis buffer, and both can be arbitrarily sized by user:\n - BTF names;\n - BTF.ext source code lines strings.\n\nVerifier log buffer should be properly sized for typical verifier state\noutput. But it's sort-of expected that this buffer won't be long enough\nin some circumstances. So let's drop the check. In any case code will\nwork correctly, at worst truncating a part of a single line output.(CVE-2023-54145)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential null-ptr-deref in device_add()\n\nI got the following null-ptr-deref report while doing fault injection test:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000058\nCPU: 2 PID: 278 Comm: 37-i2c-ds2482 Tainted: G B W N 6.1.0-rc3+\nRIP: 0010:klist_put+0x2d/0xd0\nCall Trace:\n \n klist_remove+0xf1/0x1c0\n device_release_driver_internal+0x196/0x210\n bus_remove_device+0x1bd/0x240\n device_add+0xd3d/0x1100\n w1_add_master_device+0x476/0x490 [wire]\n ds2482_probe+0x303/0x3e0 [ds2482]\n\nThis is how it happened:\n\nw1_alloc_dev()\n // The dev->driver is set to w1_master_driver.\n memcpy(&dev->dev, device, sizeof(struct device));\n device_add()\n bus_add_device()\n dpm_sysfs_add() // It fails, calls bus_remove_device.\n\n // error path\n bus_remove_device()\n // The dev->driver is not null, but driver is not bound.\n __device_release_driver()\n klist_remove(&dev->p->knode_driver) <-- It causes null-ptr-deref.\n\n // normal path\n bus_probe_device() // It's not called yet.\n device_bind_driver()\n\nIf dev->driver is set, in the error path after calling bus_add_device()\nin device_add(), bus_remove_device() is called, then the device will be\ndetached from driver. But device_bind_driver() is not called yet, so it\ncauses null-ptr-deref while access the 'knode_driver'. To fix this, set\ndev->driver to null in the error path before calling bus_remove_device().(CVE-2023-54321)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free of signing key\n\nCustomers have reported use-after-free in @ses->auth_key.response with\nSMB2.1 + sign mounts which occurs due to following race:\n\ntask A task B\ncifs_mount()\n dfs_mount_share()\n get_session()\n cifs_mount_get_session() cifs_send_recv()\n cifs_get_smb_ses() compound_send_recv()\n cifs_setup_session() smb2_setup_request()\n kfree_sensitive() smb2_calc_signature()\n crypto_shash_setkey() *UAF*\n\nFix this by ensuring that we have a valid @ses->auth_key.response by\nchecking whether @ses->ses_status is SES_GOOD or SES_EXITING with\n@ses->ses_lock held. After commit 24a9799aa8ef (\"smb: client: fix UAF\nin smb2_reconnect_server()\"), we made sure to call ->logoff() only\nwhen @ses was known to be good (e.g. valid ->auth_key.response), so\nit's safe to access signing key when @ses->ses_status == SES_EXITING.(CVE-2024-53179)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [] __kmalloc_cache_noprof+0x275/0x340\n [] ice_init_arfs+0x3a/0xe0 [ice]\n [] ice_vsi_cfg_def+0x607/0x850 [ice]\n [] ice_vsi_setup+0x5b/0x130 [ice]\n [] ice_init+0x1c1/0x460 [ice]\n [] ice_probe+0x2af/0x520 [ice]\n [] local_pci_probe+0x43/0xa0\n [] work_for_cpu_fn+0x13/0x20\n [] process_one_work+0x179/0x390\n [] worker_thread+0x239/0x340\n [] kthread+0xcc/0x100\n [] ret_from_fork+0x2d/0x50\n [] ret_from_fork_asm+0x1a/0x30\n ...(CVE-2025-21981)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser->pipe_bufs without updating the pipe->nr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user->pipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It's unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)(CVE-2025-23138)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2025-37766)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2025-37770)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: prevent out-of-bounds stream writes by validating *pos\n\nksmbd_vfs_stream_write() did not validate whether the write offset\n(*pos) was within the bounds of the existing stream data length (v_len).\nIf *pos was greater than or equal to v_len, this could lead to an\nout-of-bounds memory write.\n\nThis patch adds a check to ensure *pos is less than v_len before\nproceeding. If the condition fails, -EINVAL is returned.(CVE-2025-37947)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.(CVE-2025-38068)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Avoid using sk_socket after free when sending\n\nThe sk->sk_socket is not locked or referenced in backlog thread, and\nduring the call to skb_send_sock(), there is a race condition with\nthe release of sk_socket. All types of sockets(tcp/udp/unix/vsock)\nwill be affected.\n\nRace conditions:\n'''\nCPU0 CPU1\n\nbacklog::skb_send_sock\n sendmsg_unlocked\n sock_sendmsg\n sock_sendmsg_nosec\n close(fd):\n ...\n ops->release() -> sock_map_close()\n sk_socket->ops = NULL\n free(socket)\n sock->ops->sendmsg\n ^\n panic here\n'''\n\nThe ref of psock become 0 after sock_map_close() executed.\n'''\nvoid sock_map_close()\n{\n ...\n if (likely(psock)) {\n ...\n // !! here we remove psock and the ref of psock become 0\n sock_map_remove_links(sk, psock)\n psock = sk_psock_get(sk);\n if (unlikely(!psock))\n goto no_psock; <=== Control jumps here via goto\n ...\n cancel_delayed_work_sync(&psock->work); <=== not executed\n sk_psock_put(sk, psock);\n ...\n}\n'''\n\nBased on the fact that we already wait for the workqueue to finish in\nsock_map_close() if psock is held, we simply increase the psock\nreference count to avoid race conditions.\n\nWith this patch, if the backlog thread is running, sock_map_close() will\nwait for the backlog thread to complete and cancel all pending work.\n\nIf no backlog running, any pending work that hasn't started by then will\nfail when invoked by sk_psock_get(), as the psock reference count have\nbeen zeroed, and sk_psock_drop() will cancel all jobs via\ncancel_delayed_work_sync().\n\nIn summary, we require synchronization to coordinate the backlog thread\nand close() thread.\n\nThe panic I catched:\n'''\nWorkqueue: events sk_psock_backlog\nRIP: 0010:sock_sendmsg+0x21d/0x440\nRAX: 0000000000000000 RBX: ffffc9000521fad8 RCX: 0000000000000001\n...\nCall Trace:\n \n ? die_addr+0x40/0xa0\n ? exc_general_protection+0x14c/0x230\n ? asm_exc_general_protection+0x26/0x30\n ? sock_sendmsg+0x21d/0x440\n ? sock_sendmsg+0x3e0/0x440\n ? __pfx_sock_sendmsg+0x10/0x10\n __skb_send_sock+0x543/0xb70\n sk_psock_backlog+0x247/0xb80\n...\n'''(CVE-2025-38154)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev->dev->driver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet's run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev->destruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---(CVE-2025-38250)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix use of uninitialized data in insn_rw_emulate_bits()\n\nFor Comedi `INSN_READ` and `INSN_WRITE` instructions on \"digital\"\nsubdevices (subdevice types `COMEDI_SUBD_DI`, `COMEDI_SUBD_DO`, and\n`COMEDI_SUBD_DIO`), it is common for the subdevice driver not to have\n`insn_read` and `insn_write` handler functions, but to have an\n`insn_bits` handler function for handling Comedi `INSN_BITS`\ninstructions. In that case, the subdevice's `insn_read` and/or\n`insn_write` function handler pointers are set to point to the\n`insn_rw_emulate_bits()` function by `__comedi_device_postconfig()`.\n\nFor `INSN_WRITE`, `insn_rw_emulate_bits()` currently assumes that the\nsupplied `data[0]` value is a valid copy from user memory. It will at\nleast exist because `do_insnlist_ioctl()` and `do_insn_ioctl()` in\n\"comedi_fops.c\" ensure at lease `MIN_SAMPLES` (16) elements are\nallocated. However, if `insn->n` is 0 (which is allowable for\n`INSN_READ` and `INSN_WRITE` instructions, then `data[0]` may contain\nuninitialized data, and certainly contains invalid data, possibly from a\ndifferent instruction in the array of instructions handled by\n`do_insnlist_ioctl()`. This will result in an incorrect value being\nwritten to the digital output channel (or to the digital input/output\nchannel if configured as an output), and may be reflected in the\ninternal saved state of the channel.\n\nFix it by returning 0 early if `insn->n` is 0, before reaching the code\nthat accesses `data[0]`. Previously, the function always returned 1 on\nsuccess, but it is supposed to be the number of data samples actually\nread or written up to `insn->n`, which is 0 in this case.(CVE-2025-38480)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn't reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.(CVE-2025-38556)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb->transport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679(CVE-2025-38572)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709(CVE-2025-38574)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.(CVE-2025-38618)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.(CVE-2025-38676)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix for slab out of bounds on mount to ksmbd\n\nWith KASAN enabled, it is possible to get a slab out of bounds\nduring mount to ksmbd due to missing check in parse_server_interfaces()\n(see below):\n\n BUG: KASAN: slab-out-of-bounds in\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n Read of size 4 at addr ffff8881433dba98 by task mount/9827\n\n CPU: 5 UID: 0 PID: 9827 Comm: mount Tainted: G\n OE 6.16.0-rc2-kasan #2 PREEMPT(voluntary)\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: Dell Inc. Precision Tower 3620/0MWYPT,\n BIOS 2.13.1 06/14/2019\n Call Trace:\n \n dump_stack_lvl+0x9f/0xf0\n print_report+0xd1/0x670\n __virt_addr_valid+0x22c/0x430\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? kasan_complete_mode_report_info+0x2a/0x1f0\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n kasan_report+0xd6/0x110\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n __asan_report_load_n_noabort+0x13/0x20\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? __pfx_parse_server_interfaces+0x10/0x10 [cifs]\n ? trace_hardirqs_on+0x51/0x60\n SMB3_request_interfaces+0x1ad/0x3f0 [cifs]\n ? __pfx_SMB3_request_interfaces+0x10/0x10 [cifs]\n ? SMB2_tcon+0x23c/0x15d0 [cifs]\n smb3_qfs_tcon+0x173/0x2b0 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n cifs_mount_get_tcon+0x369/0xb90 [cifs]\n ? dfs_cache_find+0xe7/0x150 [cifs]\n dfs_mount_share+0x985/0x2970 [cifs]\n ? check_path.constprop.0+0x28/0x50\n ? save_trace+0x54/0x370\n ? __pfx_dfs_mount_share+0x10/0x10 [cifs]\n ? __lock_acquire+0xb82/0x2ba0\n ? __kasan_check_write+0x18/0x20\n cifs_mount+0xbc/0x9e0 [cifs]\n ? __pfx_cifs_mount+0x10/0x10 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_setup_cifs_sb+0x29d/0x810 [cifs]\n cifs_smb3_do_mount+0x263/0x1990 [cifs](CVE-2025-38728)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Prevent a potential error pointer dereference\n\nThe qla4xxx_get_ep_fwdb() function is supposed to return NULL on error,\nbut qla4xxx_ep_connect() returns error pointers. Propagating the error\npointers will lead to an Oops in the caller, so change the error pointers\nto NULL.(CVE-2025-39676)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.(CVE-2025-39702)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix rcu_read_unlock() deadloop due to IRQ work\n\nDuring rcu_read_unlock_special(), if this happens during irq_exit(), we\ncan lockup if an IPI is issued. This is because the IPI itself triggers\nthe irq_exit() path causing a recursive lock up.\n\nThis is precisely what Xiongfeng found when invoking a BPF program on\nthe trace_tick_stop() tracepoint As shown in the trace below. Fix by\nmanaging the irq_work state correctly.\n\nirq_exit()\n __irq_exit_rcu()\n /* in_hardirq() returns false after this */\n preempt_count_sub(HARDIRQ_OFFSET)\n tick_irq_exit()\n tick_nohz_irq_exit()\n\t tick_nohz_stop_sched_tick()\n\t trace_tick_stop() /* a bpf prog is hooked on this trace point */\n\t\t __bpf_trace_tick_stop()\n\t\t bpf_trace_run2()\n\t\t\t rcu_read_unlock_special()\n /* will send a IPI to itself */\n\t\t\t irq_work_queue_on(&rdp->defer_qs_iw, rdp->cpu);\n\nA simple reproducer can also be obtained by doing the following in\ntick_irq_exit(). It will hang on boot without the patch:\n\n static inline void tick_irq_exit(void)\n {\n +\trcu_read_lock();\n +\tWRITE_ONCE(current->rcu_read_unlock_special.b.need_qs, true);\n +\trcu_read_unlock();\n +\n\n[neeraj: Apply Frederic's suggested fix for PREEMPT_RT](CVE-2025-39744)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect ->defer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won't happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure's ->defer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [<0000000000000000>] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe ->defer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the ->defer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.(CVE-2025-39749)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.(CVE-2025-39797)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().\n\nsyzbot reported the splat below. [0]\n\nWhen atmtcp_v_open() or atmtcp_v_close() is called via connect()\nor close(), atmtcp_send_control() is called to send an in-kernel\nspecial message.\n\nThe message has ATMTCP_HDR_MAGIC in atmtcp_control.hdr.length.\nAlso, a pointer of struct atm_vcc is set to atmtcp_control.vcc.\n\nThe notable thing is struct atmtcp_control is uAPI but has a\nspace for an in-kernel pointer.\n\n struct atmtcp_control {\n \tstruct atmtcp_hdr hdr;\t/* must be first */\n ...\n \tatm_kptr_t vcc;\t\t/* both directions */\n ...\n } __ATM_API_ALIGN;\n\n typedef struct { unsigned char _[8]; } __ATM_API_ALIGN atm_kptr_t;\n\nThe special message is processed in atmtcp_recv_control() called\nfrom atmtcp_c_send().\n\natmtcp_c_send() is vcc->dev->ops->send() and called from 2 paths:\n\n 1. .ndo_start_xmit() (vcc->send() == atm_send_aal0())\n 2. vcc_sendmsg()\n\nThe problem is sendmsg() does not validate the message length and\nuserspace can abuse atmtcp_recv_control() to overwrite any kptr\nby atmtcp_control.\n\nLet's add a new ->pre_send() hook to validate messages from sendmsg().\n\n[0]:\nOops: general protection fault, probably for non-canonical address 0xdffffc00200000ab: 0000 [#1] SMP KASAN PTI\nKASAN: probably user-memory-access in range [0x0000000100000558-0x000000010000055f]\nCPU: 0 UID: 0 PID: 5865 Comm: syz-executor331 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:atmtcp_recv_control drivers/atm/atmtcp.c:93 [inline]\nRIP: 0010:atmtcp_c_send+0x1da/0x950 drivers/atm/atmtcp.c:297\nCode: 4d 8d 75 1a 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 15 06 00 00 41 0f b7 1e 4d 8d b7 60 05 00 00 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 13 06 00 00 66 41 89 1e 4d 8d 75 1c 4c\nRSP: 0018:ffffc90003f5f810 EFLAGS: 00010203\nRAX: 00000000200000ab RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802a510000 RSI: 00000000ffffffff RDI: ffff888030a6068c\nRBP: ffff88802699fb40 R08: ffff888030a606eb R09: 1ffff1100614c0dd\nR10: dffffc0000000000 R11: ffffffff8718fc40 R12: dffffc0000000000\nR13: ffff888030a60680 R14: 000000010000055f R15: 00000000ffffffff\nFS: 00007f8d7e9236c0(0000) GS:ffff888125c1c000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000045ad50 CR3: 0000000075bde000 CR4: 00000000003526f0\nCall Trace:\n \n vcc_sendmsg+0xa10/0xc60 net/atm/common.c:645\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n ____sys_sendmsg+0x505/0x830 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f8d7e96a4a9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f8d7e923198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f8d7e9f4308 RCX: 00007f8d7e96a4a9\nRDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005\nRBP: 00007f8d7e9f4300 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f8d7e9c10ac\nR13: 00007f8d7e9231a0 R14: 0000200000000200 R15: 0000200000000250\n \nModules linked in:(CVE-2025-39828)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix potential invalid access when MAC list is empty\n\nlist_first_entry() never returns NULL - if the list is empty, it still\nreturns a pointer to an invalid object, leading to potential invalid\nmemory access when dereferenced.\n\nFix this by using list_first_entry_or_null instead of list_first_entry.(CVE-2025-39853)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) <-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- last refcnt\n bt_accept_unlink(sk) <-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet's call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---(CVE-2025-39860)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n 2. Attach the prog to a SOCKMAP\n 3. Add a socket to the SOCKMAP\n 4. Activate fault injection\n 5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock->cork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk->sk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet's call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock->cork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock->cork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS: 00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n (CVE-2025-39913)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncnic: Fix use-after-free bugs in cnic_delete_task\n\nThe original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),\nwhich does not guarantee that the delayed work item 'delete_task' has\nfully completed if it was already running. Additionally, the delayed work\nitem is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only\nblocks and waits for work items that were already queued to the\nworkqueue prior to its invocation. Any work items submitted after\nflush_workqueue() is called are not included in the set of tasks that the\nflush operation awaits. This means that after the cyclic work items have\nfinished executing, a delayed work item may still exist in the workqueue.\nThis leads to use-after-free scenarios where the cnic_dev is deallocated\nby cnic_free_dev(), while delete_task remains active and attempt to\ndereference cnic_dev in cnic_delete_task().\n\nA typical race condition is illustrated below:\n\nCPU 0 (cleanup) | CPU 1 (delayed work callback)\ncnic_netdev_event() |\n cnic_stop_hw() | cnic_delete_task()\n cnic_cm_stop_bnx2x_hw() | ...\n cancel_delayed_work() | /* the queue_delayed_work()\n flush_workqueue() | executes after flush_workqueue()*/\n | queue_delayed_work()\n cnic_free_dev(dev)//free | cnic_delete_task() //new instance\n | dev = cp->dev; //use\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the cyclic delayed work item is properly canceled and that any\nongoing execution of the work item completes before the cnic_dev is\ndeallocated. Furthermore, since cancel_delayed_work_sync() uses\n__flush_work(work, true) to synchronously wait for any currently\nexecuting instance of the work item to finish, the flush_workqueue()\nbecomes redundant and should be removed.\n\nThis bug was identified through static analysis. To reproduce the issue\nand validate the fix, I simulated the cnic PCI device in QEMU and\nintroduced intentional delays — such as inserting calls to ssleep()\nwithin the cnic_delete_task() function — to increase the likelihood\nof triggering the bug.(CVE-2025-39945)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipvs: Defer ip_vs_ftp unregister during netns cleanup\n\nOn the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp\nbefore connections with valid cp->app pointers are flushed, leading to a\nuse-after-free.\n\nFix this by introducing a global `exiting_module` flag, set to true in\nip_vs_ftp_exit() before unregistering the pernet subsystem. In\n__ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns\ncleanup (when exiting_module is false) and defer it to\n__ip_vs_cleanup_batch(), which unregisters all apps after all connections\nare flushed. If called during module exit, unregister ip_vs_ftp\nimmediately.(CVE-2025-40018)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't leak disconnected dentries on umount\n\nWhen user calls open_by_handle_at() on some inode that is not cached, we\nwill create disconnected dentry for it. If such dentry is a directory,\nexportfs_decode_fh_raw() will then try to connect this dentry to the\ndentry tree through reconnect_path(). It may happen for various reasons\n(such as corrupted fs or race with rename) that the call to\nlookup_one_unlocked() in reconnect_one() will fail to find the dentry we\nare trying to reconnect and instead create a new dentry under the\nparent. Now this dentry will not be marked as disconnected although the\nparent still may well be disconnected (at least in case this\ninconsistency happened because the fs is corrupted and .. doesn't point\nto the real parent directory). This creates inconsistency in\ndisconnected flags but AFAICS it was mostly harmless. At least until\ncommit f1ee616214cb (\"VFS: don't keep disconnected dentries on d_anon\")\nwhich removed adding of most disconnected dentries to sb->s_anon list.\nThus after this commit cleanup of disconnected dentries implicitely\nrelies on the fact that dput() will immediately reclaim such dentries.\nHowever when some leaf dentry isn't marked as disconnected, as in the\nscenario described above, the reclaim doesn't happen and the dentries\nare \"leaked\". Memory reclaim can eventually reclaim them but otherwise\nthey stay in memory and if umount comes first, we hit infamous \"Busy\ninodes after unmount\" bug. Make sure all dentries created under a\ndisconnected parent are marked as disconnected as well.(CVE-2025-40105)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete x->tunnel as we delete x\n\nThe ipcomp fallback tunnels currently get deleted (from the various\nlists and hashtables) as the last user state that needed that fallback\nis destroyed (not deleted). If a reference to that user state still\nexists, the fallback state will remain on the hashtables/lists,\ntriggering the WARN in xfrm_state_fini. Because of those remaining\nreferences, the fix in commit f75a2804da39 (\"xfrm: destroy xfrm_state\nsynchronously on net exit path\") is not complete.\n\nWe recently fixed one such situation in TCP due to defered freeing of\nskbs (commit 9b6412e6979f (\"tcp: drop secpath at the same time as we\ncurrently drop dst\")). This can also happen due to IP reassembly: skbs\nwith a secpath remain on the reassembly queue until netns\ndestruction. If we can't guarantee that the queues are flushed by the\ntime xfrm_state_fini runs, there may still be references to a (user)\nxfrm_state, preventing the timely deletion of the corresponding\nfallback state.\n\nInstead of chasing each instance of skbs holding a secpath one by one,\nthis patch fixes the issue directly within xfrm, by deleting the\nfallback state as soon as the last user state depending on it has been\ndeleted. Destruction will still happen when the final reference is\ndropped.\n\nA separate lockdep class for the fallback state is required since\nwe're going to lock x->tunnel while x is locked.(CVE-2025-40215)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: fix uaf in proc_readdir_de()\n\nPde is erased from subdir rbtree through rb_erase(), but not set the node\nto EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()\nset the erased node to EMPTY, then pde_subdir_next() will return NULL to\navoid uaf access.\n\nWe found an uaf issue while using stress-ng testing, need to run testcase\ngetdent and tun in the same time. The steps of the issue is as follows:\n\n1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current\n pde is tun3;\n\n2) in the [time windows] unregister netdevice tun3 and tun2, and erase\n them from rbtree. erase tun3 first, and then erase tun2. the\n pde(tun2) will be released to slab;\n\n3) continue to getdent process, then pde_subdir_next() will return\n pde(tun2) which is released, it will case uaf access.\n\nCPU 0 | CPU 1\n-------------------------------------------------------------------------\ntraverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2\nsys_getdents64() |\n iterate_dir() |\n proc_readdir() |\n proc_readdir_de() | snmp6_unregister_dev()\n pde_get(de); | proc_remove()\n read_unlock(&proc_subdir_lock); | remove_proc_subtree()\n | write_lock(&proc_subdir_lock);\n [time window] | rb_erase(&root->subdir_node, &parent->subdir);\n | write_unlock(&proc_subdir_lock);\n read_lock(&proc_subdir_lock); |\n next = pde_subdir_next(de); |\n pde_put(de); |\n de = next; //UAF |\n\nrbtree of dev_snmp6\n |\n pde(tun3)\n / \\\n NULL pde(tun2)(CVE-2025-40271)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_mon_reinit_self().\n\nsyzbot reported use-after-free of tipc_net(net)->monitors[]\nin tipc_mon_reinit_self(). [0]\n\nThe array is protected by RTNL, but tipc_mon_reinit_self()\niterates over it without RTNL.\n\ntipc_mon_reinit_self() is called from tipc_net_finalize(),\nwhich is always under RTNL except for tipc_net_finalize_work().\n\nLet's hold RTNL in tipc_net_finalize_work().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\nBUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\nRead of size 1 at addr ffff88805eae1030 by task kworker/0:7/5989\n\nCPU: 0 UID: 0 PID: 5989 Comm: kworker/0:7 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025\nWorkqueue: events tipc_net_finalize_work\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n __kasan_check_byte+0x2a/0x40 mm/kasan/common.c:568\n kasan_check_byte include/linux/kasan.h:399 [inline]\n lock_acquire+0x8d/0x360 kernel/locking/lockdep.c:5842\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\n rtlock_slowlock kernel/locking/rtmutex.c:1894 [inline]\n rwbase_rtmutex_lock_state kernel/locking/spinlock_rt.c:160 [inline]\n rwbase_write_lock+0xd3/0x7e0 kernel/locking/rwbase_rt.c:244\n rt_write_lock+0x76/0x110 kernel/locking/spinlock_rt.c:243\n write_lock_bh include/linux/rwlock_rt.h:99 [inline]\n tipc_mon_reinit_self+0x79/0x430 net/tipc/monitor.c:718\n tipc_net_finalize+0x115/0x190 net/tipc/net.c:140\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3319\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400\n kthread+0x70e/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x439/0x7d0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \n\nAllocated by task 6089:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x1a8/0x320 mm/slub.c:4407\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n tipc_mon_create+0xc3/0x4d0 net/tipc/monitor.c:657\n tipc_enable_bearer net/tipc/bearer.c:357 [inline]\n __tipc_nl_bearer_enable+0xe16/0x13f0 net/tipc/bearer.c:1047\n __tipc_nl_compat_doit net/tipc/netlink_compat.c:371 [inline]\n tipc_nl_compat_doit+0x3bc/0x5f0 net/tipc/netlink_compat.c:393\n tipc_nl_compat_handle net/tipc/netlink_compat.c:-1 [inline]\n tipc_nl_compat_recv+0x83c/0xbe0 net/tipc/netlink_compat.c:1321\n genl_family_rcv_msg_doit+0x215/0x300 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x60e/0x790 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x846/0xa10 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x21c/0x270 net/socket.c:729\n ____sys_sendmsg+0x508/0x820 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x1a1/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/\n---truncated---(CVE-2025-40280)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: use lock accessing port_state and rport state\n\nnvme_fc_unregister_remote removes the remote port on a lport object at\nany point in time when there is no active association. This races with\nwith the reconnect logic, because nvme_fc_create_association is not\ntaking a lock to check the port_state and atomically increase the\nactive count on the rport.(CVE-2025-40342)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\narch_topology: Fix incorrect error check in topology_parse_cpu_capacity()\n\nFix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity()\nwhich causes the code to proceed with NULL clock pointers. The current\nlogic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both\nvalid pointers and NULL, leading to potential NULL pointer dereference\nin clk_get_rate().\n\nPer include/linux/err.h documentation, PTR_ERR_OR_ZERO(ptr) returns:\n\"The error code within @ptr if it is an error pointer; 0 otherwise.\"\n\nThis means PTR_ERR_OR_ZERO() returns 0 for both valid pointers AND NULL\npointers. Therefore !PTR_ERR_OR_ZERO(cpu_clk) evaluates to true (proceed)\nwhen cpu_clk is either valid or NULL, causing clk_get_rate(NULL) to be\ncalled when of_clk_get() returns NULL.\n\nReplace with !IS_ERR_OR_NULL(cpu_clk) which only proceeds for valid\npointers, preventing potential NULL pointer dereference in clk_get_rate().(CVE-2025-40346)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup\n\nRaw IP packets have no MAC header, leaving skb->mac_header uninitialized.\nThis can trigger kernel panics on ARM64 when xfrm or other subsystems\naccess the offset due to strict alignment checks.\n\nInitialize the MAC header to prevent such crashes.\n\nThis can trigger kernel panics on ARM when running IPsec over the\nqmimux0 interface.\n\nExample trace:\n\n Internal error: Oops: 000000009600004f [#1] SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.34-gbe78e49cb433 #1\n Hardware name: LS1028A RDB Board (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : xfrm_input+0xde8/0x1318\n lr : xfrm_input+0x61c/0x1318\n sp : ffff800080003b20\n Call trace:\n xfrm_input+0xde8/0x1318\n xfrm6_rcv+0x38/0x44\n xfrm6_esp_rcv+0x48/0xa8\n ip6_protocol_deliver_rcu+0x94/0x4b0\n ip6_input_finish+0x44/0x70\n ip6_input+0x44/0xc0\n ipv6_rcv+0x6c/0x114\n __netif_receive_skb_one_core+0x5c/0x8c\n __netif_receive_skb+0x18/0x60\n process_backlog+0x78/0x17c\n __napi_poll+0x38/0x180\n net_rx_action+0x168/0x2f0(CVE-2025-68192)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\n\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\n\n kfree(monc->monmap);\n monc->monmap = monmap;\n\n ceph_osdmap_destroy(osdc->osdmap);\n osdc->osdmap = newmap;\n\nunder client->monc.mutex and client->osdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it's possible for\nclient->monc.monmap->epoch and client->osdc.osdmap->epoch arms in\n\n client->monc.monmap && client->monc.monmap->epoch &&\n client->osdc.osdmap && client->osdc.osdmap->epoch;\n\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\n\n BUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\n Read of size 4 at addr ffff88811012d810 by task mount.ceph/13305\n CPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n ...\n Call Trace:\n \n have_mon_and_osd_map+0x56/0x70\n ceph_open_session+0x182/0x290\n ceph_get_tree+0x333/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n\n Allocated by task 13305:\n ceph_osdmap_alloc+0x16/0x130\n ceph_osdc_init+0x27a/0x4c0\n ceph_create_client+0x153/0x190\n create_fs_client+0x50/0x2a0\n ceph_get_tree+0xff/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 9475:\n kfree+0x212/0x290\n handle_one_map+0x23c/0x3b0\n ceph_osdc_handle_map+0x3c9/0x590\n mon_dispatch+0x655/0x6f0\n ceph_con_process_message+0xc3/0xe0\n ceph_con_v1_try_read+0x614/0x760\n ceph_con_workfn+0x2de/0x650\n process_one_work+0x486/0x7c0\n process_scheduled_works+0x73/0x90\n worker_thread+0x1c8/0x2a0\n kthread+0x2ec/0x300\n ret_from_fork+0x24/0x40\n ret_from_fork_asm+0x1a/0x30\n\nRewrite the wait loop to check the above condition directly with\nclient->monc.mutex and client->osdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client->auth_err under client->monc.mutex to match\nhow it's set in finish_auth().\n\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.(CVE-2025-68285)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()\n\nrlen value is a user-controlled value, but dtv5100_i2c_msg() does not\ncheck the size of the rlen value. Therefore, if it is set to a value\nlarger than sizeof(st->data), an out-of-bounds vuln occurs for st->data.\n\nTherefore, we need to add proper range checking to prevent this vuln.(CVE-2025-68819)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix leaking the multicast GID table reference\n\nIf the CM ID is destroyed while the CM event for multicast creating is\nstill queued the cancel_work_sync() will prevent the work from running\nwhich also prevents destroying the ah_attr. This leaks a refcount and\ntriggers a WARN:\n\n GID entry ref leak for dev syz1 index 2 ref=573\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline]\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886\n\nDestroy the ah_attr after canceling the work, it is safe to call this\ntwice.(CVE-2025-71084)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix check for port enabled in team_queue_override_port_prio_changed()\n\nThere has been a syzkaller bug reported recently with the following\ntrace:\n\nlist_del corruption, ffff888058bea080->prev is LIST_POISON2 (dead000000000122)\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:59!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nCPU: 3 UID: 0 PID: 21246 Comm: syz.0.2928 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:__list_del_entry_valid_or_report+0x13e/0x200 lib/list_debug.c:59\nCode: 48 c7 c7 e0 71 f0 8b e8 30 08 ef fc 90 0f 0b 48 89 ef e8 a5 02 55 fd 48 89 ea 48 89 de 48 c7 c7 40 72 f0 8b e8 13 08 ef fc 90 <0f> 0b 48 89 ef e8 88 02 55 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d49f370 EFLAGS: 00010286\nRAX: 000000000000004e RBX: ffff888058bea080 RCX: ffffc9002817d000\nRDX: 0000000000000000 RSI: ffffffff819becc6 RDI: 0000000000000005\nRBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000080000000 R11: 0000000000000001 R12: ffff888039e9c230\nR13: ffff888058bea088 R14: ffff888058bea080 R15: ffff888055461480\nFS: 00007fbbcfe6f6c0(0000) GS:ffff8880d6d0a000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000110c3afcb0 CR3: 00000000382c7000 CR4: 0000000000352ef0\nCall Trace:\n \n __list_del_entry_valid include/linux/list.h:132 [inline]\n __list_del_entry include/linux/list.h:223 [inline]\n list_del_rcu include/linux/rculist.h:178 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:826 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:821 [inline]\n team_queue_override_port_prio_changed drivers/net/team/team_core.c:883 [inline]\n team_priority_option_set+0x171/0x2f0 drivers/net/team/team_core.c:1534\n team_option_set drivers/net/team/team_core.c:376 [inline]\n team_nl_options_set_doit+0x8ae/0xe60 drivers/net/team/team_core.c:2653\n genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa98/0xc70 net/socket.c:2630\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2684\n __sys_sendmsg+0x16d/0x220 net/socket.c:2716\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe problem is in this flow:\n1) Port is enabled, queue_id != 0, in qom_list\n2) Port gets disabled\n -> team_port_disable()\n -> team_queue_override_port_del()\n -> del (removed from list)\n3) Port is disabled, queue_id != 0, not in any list\n4) Priority changes\n -> team_queue_override_port_prio_changed()\n -> checks: port disabled && queue_id != 0\n -> calls del - hits the BUG as it is removed already\n\nTo fix this, change the check in team_queue_override_port_prio_changed()\nso it returns early if port is not enabled.(CVE-2025-71091)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token->pages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token->pages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length > 0.(CVE-2025-71120)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec\n\nCommit efa56305908b (\"nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\")\nadded ttag bounds checking and data_offset\nvalidation in nvmet_tcp_handle_h2c_data_pdu(), but it did not validate\nwhether the command's data structures (cmd->req.sg and cmd->iov) have\nbeen properly initialized before processing H2C_DATA PDUs.\n\nThe nvmet_tcp_build_pdu_iovec() function dereferences these pointers\nwithout NULL checks. This can be triggered by sending H2C_DATA PDU\nimmediately after the ICREQ/ICRESP handshake, before\nsending a CONNECT command or NVMe write command.\n\nAttack vectors that trigger NULL pointer dereferences:\n1. H2C_DATA PDU sent before CONNECT → both pointers NULL\n2. H2C_DATA PDU for READ command → cmd->req.sg allocated, cmd->iov NULL\n3. H2C_DATA PDU for uninitialized command slot → both pointers NULL\n\nThe fix validates both cmd->req.sg and cmd->iov before calling\nnvmet_tcp_build_pdu_iovec(). Both checks are required because:\n- Uninitialized commands: both NULL\n- READ commands: cmd->req.sg allocated, cmd->iov NULL\n- WRITE commands: both allocated(CVE-2026-22998)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()\n\nIn nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails,\nthe function jumps to the out_scratch label without freeing the already\nallocated dsaddrs list, leading to a memory leak.\n\nFix this by jumping to the out_err_drain_dsaddrs label, which properly\nfrees the dsaddrs list before cleaning up other resources.(CVE-2026-23038)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2026-1341", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" }, { "summary":"CVE-2022-49190", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49190&packageName=kernel" }, { "summary":"CVE-2022-49309", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49309&packageName=kernel" }, { "summary":"CVE-2022-49829", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49829&packageName=kernel" }, { "summary":"CVE-2022-50151", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-50151&packageName=kernel" }, { "summary":"CVE-2022-50159", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-50159&packageName=kernel" }, { "summary":"CVE-2022-50616", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-50616&packageName=kernel" }, { "summary":"CVE-2022-50735", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-50735&packageName=kernel" }, { "summary":"CVE-2023-52927", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-52927&packageName=kernel" }, { "summary":"CVE-2023-53250", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53250&packageName=kernel" }, { "summary":"CVE-2023-53254", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53254&packageName=kernel" }, { "summary":"CVE-2023-53521", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53521&packageName=kernel" }, { "summary":"CVE-2023-53594", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53594&packageName=kernel" }, { "summary":"CVE-2023-53712", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53712&packageName=kernel" }, { "summary":"CVE-2023-53840", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53840&packageName=kernel" }, { "summary":"CVE-2023-54048", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-54048&packageName=kernel" }, { "summary":"CVE-2023-54145", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-54145&packageName=kernel" }, { "summary":"CVE-2023-54321", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-54321&packageName=kernel" }, { "summary":"CVE-2024-53179", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53179&packageName=kernel" }, { "summary":"CVE-2025-21981", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21981&packageName=kernel" }, { "summary":"CVE-2025-23138", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-23138&packageName=kernel" }, { "summary":"CVE-2025-37766", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37766&packageName=kernel" }, { "summary":"CVE-2025-37770", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37770&packageName=kernel" }, { "summary":"CVE-2025-37947", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37947&packageName=kernel" }, { "summary":"CVE-2025-38068", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38068&packageName=kernel" }, { "summary":"CVE-2025-38154", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38154&packageName=kernel" }, { "summary":"CVE-2025-38250", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38250&packageName=kernel" }, { "summary":"CVE-2025-38480", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38480&packageName=kernel" }, { "summary":"CVE-2025-38556", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38556&packageName=kernel" }, { "summary":"CVE-2025-38572", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38572&packageName=kernel" }, { "summary":"CVE-2025-38574", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38574&packageName=kernel" }, { "summary":"CVE-2025-38618", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38618&packageName=kernel" }, { "summary":"CVE-2025-38676", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38676&packageName=kernel" }, { "summary":"CVE-2025-38728", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38728&packageName=kernel" }, { "summary":"CVE-2025-39676", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39676&packageName=kernel" }, { "summary":"CVE-2025-39702", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39702&packageName=kernel" }, { "summary":"CVE-2025-39744", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39744&packageName=kernel" }, { "summary":"CVE-2025-39749", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39749&packageName=kernel" }, { "summary":"CVE-2025-39797", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39797&packageName=kernel" }, { "summary":"CVE-2025-39828", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39828&packageName=kernel" }, { "summary":"CVE-2025-39853", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39853&packageName=kernel" }, { "summary":"CVE-2025-39860", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39860&packageName=kernel" }, { "summary":"CVE-2025-39913", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39913&packageName=kernel" }, { "summary":"CVE-2025-39945", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39945&packageName=kernel" }, { "summary":"CVE-2025-40018", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40018&packageName=kernel" }, { "summary":"CVE-2025-40105", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40105&packageName=kernel" }, { "summary":"CVE-2025-40215", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40215&packageName=kernel" }, { "summary":"CVE-2025-40271", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40271&packageName=kernel" }, { "summary":"CVE-2025-40280", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40280&packageName=kernel" }, { "summary":"CVE-2025-40342", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40342&packageName=kernel" }, { "summary":"CVE-2025-40346", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40346&packageName=kernel" }, { "summary":"CVE-2025-68192", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-68192&packageName=kernel" }, { "summary":"CVE-2025-68285", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-68285&packageName=kernel" }, { "summary":"CVE-2025-68819", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-68819&packageName=kernel" }, { "summary":"CVE-2025-71084", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-71084&packageName=kernel" }, { "summary":"CVE-2025-71091", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-71091&packageName=kernel" }, { "summary":"CVE-2025-71120", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-71120&packageName=kernel" }, { "summary":"CVE-2026-22998", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-22998&packageName=kernel" }, { "summary":"CVE-2026-23038", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-23038&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49190" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49309" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49829" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50151" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50159" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50616" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50735" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52927" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53250" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53254" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53521" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53594" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53712" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53840" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54048" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54145" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54321" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53179" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21981" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23138" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37766" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37770" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37947" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38068" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38154" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38250" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38480" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38556" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38572" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38574" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38618" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38676" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38728" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39676" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39702" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39744" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39749" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39797" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39828" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39853" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39860" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39913" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39945" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40018" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40105" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40215" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40271" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40280" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40342" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40346" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68192" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68285" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68819" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71084" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71091" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71120" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22998" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23038" }, { "summary":"openEuler-SA-2026-1341 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2026/csaf-openeuler-sa-2026-1341.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP4", "tracking":{ "initial_release_date":"2026-02-14T15:28:30+08:00", "revision_history":[ { "date":"2026-02-14T15:28:30+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2026-02-14T15:28:30+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2026-02-14T15:28:30+08:00", "id":"openEuler-SA-2026-1341", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"openEuler-22.03-LTS-SP4", "name":"openEuler-22.03-LTS-SP4" }, "name":"openEuler-22.03-LTS-SP4", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-301.0.0.204.oe2203sp4.src.rpm", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.src.rpm" }, "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"perf-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"perf-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "name":"python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-301.0.0.204.oe2203sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src", "name":"kernel-5.10.0-301.0.0.204.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2022-49190", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:kernel/resource: fix kfree() of bootmem memory againSince commit ebff7d8f270d ( mem hotunplug: fix kfree() of bootmemmemory ), we could get a resource allocated during boot viaalloc_resource(). And it s required to release the resource usingfree_resource(). Howerver, many people use kfree directly which willresult in kernel BUG. In order to fix this without fixing every callsite, just leak a couple of bytes in such corner case.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49190" }, { "cve":"CVE-2022-49309", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback()There is a deadlock in rtw_surveydone_event_callback(),which is shown below: (Thread 1) | (Thread 2) | _set_timer()rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ...We hold pmlmepriv->lock in position (1) of thread 1 and usedel_timer_sync() to wait timer to stop, but timer handleralso need pmlmepriv->lock in position (2) of thread 2.As a result, rtw_surveydone_event_callback() will block forever.This patch extracts del_timer_sync() from the protection ofspin_lock_bh(), which could let timer handler to obtainthe needed lock. What`s more, we change spin_lock_bh() inrtw_scan_timeout_handler() to spin_lock_irq(). Otherwise,spin_lock_bh() will also cause deadlock() in timer handler.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49309" }, { "cve":"CVE-2022-49829", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/scheduler: fix fence ref counting\n\nWe leaked dependency fences when processes were beeing killed.\n\nAdditional to that grab a reference to the last scheduled fence.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49829" }, { "cve":"CVE-2022-50151", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: fix random warning message when driver load\n\nWarning log:\n[ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code!\n[ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-g2fd9ae1b568c #20\n[ 4.158010] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.163155] Call trace:\n[ 4.165600] dump_backtrace+0x0/0x1b0\n[ 4.169286] show_stack+0x18/0x68\n[ 4.172611] dump_stack_lvl+0x68/0x84\n[ 4.176286] dump_stack+0x18/0x34\n[ 4.179613] kmalloc_fix_flags+0x60/0x88\n[ 4.183550] new_slab+0x334/0x370\n[ 4.186878] ___slab_alloc.part.108+0x4d4/0x748\n[ 4.191419] __slab_alloc.isra.109+0x30/0x78\n[ 4.195702] kmem_cache_alloc+0x40c/0x420\n[ 4.199725] dma_pool_alloc+0xac/0x1f8\n[ 4.203486] cdns3_allocate_trb_pool+0xb4/0xd0\n\npool_alloc_page(struct dma_pool *pool, gfp_t mem_flags)\n{\n\t...\n\tpage = kmalloc(sizeof(*page), mem_flags);\n\tpage->vaddr = dma_alloc_coherent(pool->dev, pool->allocation,\n\t\t\t\t\t &page->dma, mem_flags);\n\t...\n}\n\nkmalloc was called with mem_flags, which is passed down in\ncdns3_allocate_trb_pool() and have GFP_DMA32 flags.\nkmall_fix_flags() report warning.\n\nGFP_DMA32 is not useful at all. dma_alloc_coherent() will handle\nDMA memory region correctly by pool->dev. GFP_DMA32 can be removed\nsafely.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2022-50151" }, { "cve":"CVE-2022-50159", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nof: check previous kernel's ima-kexec-buffer against memory bounds\n\nPresently ima_get_kexec_buffer() doesn't check if the previous kernel's\nima-kexec-buffer lies outside the addressable memory range. This can result\nin a kernel panic if the new kernel is booted with 'mem=X' arg and the\nima-kexec-buffer was allocated beyond that range by the previous kernel.\nThe panic is usually of the form below:\n\n$ sudo kexec --initrd initrd vmlinux --append='mem=16G'\n\n\n BUG: Unable to handle kernel data access on read at 0xc000c01fff7f0000\n Faulting instruction address: 0xc000000000837974\n Oops: Kernel access of bad area, sig: 11 [#1]\n\n NIP [c000000000837974] ima_restore_measurement_list+0x94/0x6c0\n LR [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160\n Call Trace:\n [c00000000371fa80] [c00000000083b55c] ima_load_kexec_buffer+0xac/0x160\n [c00000000371fb00] [c0000000020512c4] ima_init+0x80/0x108\n [c00000000371fb70] [c0000000020514dc] init_ima+0x4c/0x120\n [c00000000371fbf0] [c000000000012240] do_one_initcall+0x60/0x2c0\n [c00000000371fcc0] [c000000002004ad0] kernel_init_freeable+0x344/0x3ec\n [c00000000371fda0] [c0000000000128a4] kernel_init+0x34/0x1b0\n [c00000000371fe10] [c00000000000ce64] ret_from_kernel_thread+0x5c/0x64\n Instruction dump:\n f92100b8 f92100c0 90e10090 910100a0 4182050c 282a0017 3bc00000 40810330\n 7c0802a6 fb610198 7c9b2378 f80101d0 2c090001 40820614 e9240010\n ---[ end trace 0000000000000000 ]---\n\nFix this issue by checking returned PFN range of previous kernel's\nima-kexec-buffer with page_is_ram() to ensure correct memory bounds.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-50159" }, { "cve":"CVE-2022-50616", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: Use different devices for resource allocation and DT lookup\n\nFollowing by the below discussion, there's the potential UAF issue\nbetween regulator and mfd.\nhttps://lore.kernel.org/all/", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.7, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-50616" }, { "cve":"CVE-2022-50735", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: do not run mt76u_status_worker if the device is not running\n\nFix the following NULL pointer dereference avoiding to run\nmt76u_status_worker thread if the device is not running yet.\n\nKASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\nCPU: 0 PID: 98 Comm: kworker/u2:2 Not tainted 5.14.0+ #78 Hardware\nname: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nWorkqueue: mt76 mt76u_tx_status_data\nRIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0\nCode: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>\nb6\n04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7\nRSP: 0018:ffffc900005af988 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a\nRBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c\nR10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8\nR13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28\nFS: 0000000000000000(0000) GS:ffff88811aa00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n mt76x02_send_tx_status+0x1d2/0xeb0\n mt76x02_tx_status_data+0x8e/0xd0\n mt76u_tx_status_data+0xe1/0x240\n process_one_work+0x92b/0x1460\n worker_thread+0x95/0xe00\n kthread+0x3a1/0x480\n ret_from_fork+0x1f/0x30\nModules linked in:\n--[ end trace 8df5d20fc5040f65 ]--\nRIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0\nCode: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>\nb6\n04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7\nRSP: 0018:ffffc900005af988 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a\nRBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c\nR10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8\nR13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28\nFS: 0000000000000000(0000) GS:ffff88811aa00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0\nPKRU: 55555554\n\nMoreover move stat_work schedule out of the for loop.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.1, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-50735" }, { "cve":"CVE-2023-52927", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-52927" }, { "cve":"CVE-2023-53250", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle\n\nKASAN reported a null-ptr-deref error:\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 1373 Comm: modprobe\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:dmi_sysfs_entry_release\n...\nCall Trace:\n \n kobject_put\n dmi_sysfs_register_handle (drivers/firmware/dmi-sysfs.c:540) dmi_sysfs\n dmi_decode_table (drivers/firmware/dmi_scan.c:133)\n dmi_walk (drivers/firmware/dmi_scan.c:1115)\n dmi_sysfs_init (drivers/firmware/dmi-sysfs.c:149) dmi_sysfs\n do_one_initcall (init/main.c:1296)\n ...\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x4000000 from 0xffffffff81000000\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nIt is because previous patch added kobject_put() to release the memory\nwhich will call dmi_sysfs_entry_release() and list_del().\n\nHowever, list_add_tail(entry->list) is called after the error block,\nso the list_head is uninitialized and cannot be deleted.\n\nMove error handling to after list_add_tail to fix this.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-53250" }, { "cve":"CVE-2023-53254", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncacheinfo: Fix shared_cpu_map to handle shared caches at different levels\n\nThe cacheinfo sets up the shared_cpu_map by checking whether the caches\nwith the same index are shared between CPUs. However, this will trigger\nslab-out-of-bounds access if the CPUs do not have the same cache hierarchy.\nAnother problem is the mismatched shared_cpu_map when the shared cache does\nnot have the same index between CPUs.\n\nCPU0\tI\tD\tL3\nindex\t0\t1\t2\tx\n\t^\t^\t^\t^\nindex\t0\t1\t2\t3\nCPU1\tI\tD\tL2\tL3\n\nThis patch checks each cache is shared with all caches on other CPUs.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-53254" }, { "cve":"CVE-2023-53521", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_intf_remove()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses]\nRead of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013\n\nWhen edev->components is zero, accessing edev->component[0] members is\nwrong.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.1, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-53521" }, { "cve":"CVE-2023-53594", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix resource leak in device_add()\n\nWhen calling kobject_add() failed in device_add(), it will call\ncleanup_glue_dir() to free resource. But in kobject_add(),\ndev->kobj.parent has been set to NULL. This will cause resource leak.\n\nThe process is as follows:\ndevice_add()\n\tget_device_parent()\n\t\tclass_dir_create_and_add()\n\t\t\tkobject_add()\t\t//kobject_get()\n\t...\n\tdev->kobj.parent = kobj;\n\t...\n\tkobject_add()\t\t//failed, but set dev->kobj.parent = NULL\n\t...\n\tglue_dir = get_glue_dir(dev)\t//glue_dir = NULL, and goto\n\t\t\t\t\t//\"Error\" label\n\t...\n\tcleanup_glue_dir()\t//becaues glue_dir is NULL, not call\n\t\t\t\t//kobject_put()\n\nThe preceding problem may cause insmod mac80211_hwsim.ko to failed.\nsysfs: cannot create duplicate filename '/devices/virtual/mac80211_hwsim'\nCall Trace:\n\ndump_stack_lvl+0x8e/0xd1\nsysfs_warn_dup.cold+0x1c/0x29\nsysfs_create_dir_ns+0x224/0x280\nkobject_add_internal+0x2aa/0x880\nkobject_add+0x135/0x1a0\nget_device_parent+0x3d7/0x590\ndevice_add+0x2aa/0x1cb0\ndevice_create_groups_vargs+0x1eb/0x260\ndevice_create+0xdc/0x110\nmac80211_hwsim_new_radio+0x31e/0x4790 [mac80211_hwsim]\ninit_mac80211_hwsim+0x48d/0x1000 [mac80211_hwsim]\ndo_one_initcall+0x10f/0x630\ndo_init_module+0x19f/0x5e0\nload_module+0x64b7/0x6eb0\n__do_sys_finit_module+0x140/0x200\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nkobject_add_internal failed for mac80211_hwsim with -EEXIST, don't try to\nregister things with the same name in the same directory.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-53594" }, { "cve":"CVE-2023-53712", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9317/1: kexec: Make smp stop calls asynchronous\n\nIf a panic is triggered by a hrtimer interrupt all online cpus will be\nnotified and set offline. But as highlighted by commit 19dbdcb8039c\n(\"smp: Warn on function calls from softirq context\") this call should\nnot be made synchronous with disabled interrupts:\n\n softdog: Initiating panic\n Kernel panic - not syncing: Software Watchdog Timer expired\n WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp_call_function_many_cond\n unwind_backtrace:\n show_stack\n dump_stack_lvl\n __warn\n warn_slowpath_fmt\n smp_call_function_many_cond\n smp_call_function\n crash_smp_send_stop.part.0\n machine_crash_shutdown\n __crash_kexec\n panic\n softdog_fire\n __hrtimer_run_queues\n hrtimer_interrupt\n\nMake the smp call for machine_crash_nonpanic_core() asynchronous.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-53712" }, { "cve":"CVE-2023-53840", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: early: xhci-dbc: Fix a potential out-of-bound memory access\n\nIf xdbc_bulk_write() fails, the values in 'buf' can be anything. So the\nstring is not guaranteed to be NULL terminated when xdbc_trace() is called.\n\nReserve an extra byte, which will be zeroed automatically because 'buf' is\na static variable, in order to avoid troubles, should it happen.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-53840" }, { "cve":"CVE-2023-54048", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Prevent handling any completions after qp destroy\n\nHW may generate completions that indicates QP is destroyed.\nDriver should not be scheduling any more completion handlers\nfor this QP, after the QP is destroyed. Since CQs are active\nduring the QP destroy, driver may still schedule completion\nhandlers. This can cause a race where the destroy_cq and poll_cq\nrunning simultaneously.\n\nSnippet of kernel panic while doing bnxt_re driver load unload in loop.\nThis indicates a poll after the CQ is freed. \n\n[77786.481636] Call Trace:\n[77786.481640]  \n[77786.481644]  bnxt_re_poll_cq+0x14a/0x620 [bnxt_re]\n[77786.481658]  ? kvm_clock_read+0x14/0x30\n[77786.481693]  __ib_process_cq+0x57/0x190 [ib_core]\n[77786.481728]  ib_cq_poll_work+0x26/0x80 [ib_core]\n[77786.481761]  process_one_work+0x1e5/0x3f0\n[77786.481768]  worker_thread+0x50/0x3a0\n[77786.481785]  ? __pfx_worker_thread+0x10/0x10\n[77786.481790]  kthread+0xe2/0x110\n[77786.481794]  ? __pfx_kthread+0x10/0x10\n[77786.481797]  ret_from_fork+0x2c/0x50\n\nTo avoid this, complete all completion handlers before returning the\ndestroy QP. If free_cq is called soon after destroy_qp, IB stack\nwill cancel the CQ work before invoking the destroy_cq verb and\nthis will prevent any race mentioned.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.9, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-54048" }, { "cve":"CVE-2023-54145", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log\n\nIt's trivial for user to trigger \"verifier log line truncated\" warning,\nas verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at\nleast two pieces of user-provided information that can be output through\nthis buffer, and both can be arbitrarily sized by user:\n - BTF names;\n - BTF.ext source code lines strings.\n\nVerifier log buffer should be properly sized for typical verifier state\noutput. But it's sort-of expected that this buffer won't be long enough\nin some circumstances. So let's drop the check. In any case code will\nwork correctly, at worst truncating a part of a single line output.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-54145" }, { "cve":"CVE-2023-54321", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential null-ptr-deref in device_add()\n\nI got the following null-ptr-deref report while doing fault injection test:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000058\nCPU: 2 PID: 278 Comm: 37-i2c-ds2482 Tainted: G B W N 6.1.0-rc3+\nRIP: 0010:klist_put+0x2d/0xd0\nCall Trace:\n \n klist_remove+0xf1/0x1c0\n device_release_driver_internal+0x196/0x210\n bus_remove_device+0x1bd/0x240\n device_add+0xd3d/0x1100\n w1_add_master_device+0x476/0x490 [wire]\n ds2482_probe+0x303/0x3e0 [ds2482]\n\nThis is how it happened:\n\nw1_alloc_dev()\n // The dev->driver is set to w1_master_driver.\n memcpy(&dev->dev, device, sizeof(struct device));\n device_add()\n bus_add_device()\n dpm_sysfs_add() // It fails, calls bus_remove_device.\n\n // error path\n bus_remove_device()\n // The dev->driver is not null, but driver is not bound.\n __device_release_driver()\n klist_remove(&dev->p->knode_driver) <-- It causes null-ptr-deref.\n\n // normal path\n bus_probe_device() // It's not called yet.\n device_bind_driver()\n\nIf dev->driver is set, in the error path after calling bus_add_device()\nin device_add(), bus_remove_device() is called, then the device will be\ndetached from driver. But device_bind_driver() is not called yet, so it\ncauses null-ptr-deref while access the 'knode_driver'. To fix this, set\ndev->driver to null in the error path before calling bus_remove_device().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-54321" }, { "cve":"CVE-2024-53179", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free of signing key\n\nCustomers have reported use-after-free in @ses->auth_key.response with\nSMB2.1 + sign mounts which occurs due to following race:\n\ntask A task B\ncifs_mount()\n dfs_mount_share()\n get_session()\n cifs_mount_get_session() cifs_send_recv()\n cifs_get_smb_ses() compound_send_recv()\n cifs_setup_session() smb2_setup_request()\n kfree_sensitive() smb2_calc_signature()\n crypto_shash_setkey() *UAF*\n\nFix this by ensuring that we have a valid @ses->auth_key.response by\nchecking whether @ses->ses_status is SES_GOOD or SES_EXITING with\n@ses->ses_lock held. After commit 24a9799aa8ef (\"smb: client: fix UAF\nin smb2_reconnect_server()\"), we made sure to call ->logoff() only\nwhen @ses was known to be good (e.g. valid ->auth_key.response), so\nit's safe to access signing key when @ses->ses_status == SES_EXITING.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53179" }, { "cve":"CVE-2025-21981", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [] __kmalloc_cache_noprof+0x275/0x340\n [] ice_init_arfs+0x3a/0xe0 [ice]\n [] ice_vsi_cfg_def+0x607/0x850 [ice]\n [] ice_vsi_setup+0x5b/0x130 [ice]\n [] ice_init+0x1c1/0x460 [ice]\n [] ice_probe+0x2af/0x520 [ice]\n [] local_pci_probe+0x43/0xa0\n [] work_for_cpu_fn+0x13/0x20\n [] process_one_work+0x179/0x390\n [] worker_thread+0x239/0x340\n [] kthread+0xcc/0x100\n [] ret_from_fork+0x2d/0x50\n [] ret_from_fork_asm+0x1a/0x30\n ...", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21981" }, { "cve":"CVE-2025-23138", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser->pipe_bufs without updating the pipe->nr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user->pipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It's unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-23138" }, { "cve":"CVE-2025-37766", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-37766" }, { "cve":"CVE-2025-37770", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-37770" }, { "cve":"CVE-2025-37947", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: prevent out-of-bounds stream writes by validating *pos\n\nksmbd_vfs_stream_write() did not validate whether the write offset\n(*pos) was within the bounds of the existing stream data length (v_len).\nIf *pos was greater than or equal to v_len, this could lead to an\nout-of-bounds memory write.\n\nThis patch adds a check to ensure *pos is less than v_len before\nproceeding. If the condition fails, -EINVAL is returned.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-37947" }, { "cve":"CVE-2025-38068", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-38068" }, { "cve":"CVE-2025-38154", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Avoid using sk_socket after free when sending\n\nThe sk->sk_socket is not locked or referenced in backlog thread, and\nduring the call to skb_send_sock(), there is a race condition with\nthe release of sk_socket. All types of sockets(tcp/udp/unix/vsock)\nwill be affected.\n\nRace conditions:\n'''\nCPU0 CPU1\n\nbacklog::skb_send_sock\n sendmsg_unlocked\n sock_sendmsg\n sock_sendmsg_nosec\n close(fd):\n ...\n ops->release() -> sock_map_close()\n sk_socket->ops = NULL\n free(socket)\n sock->ops->sendmsg\n ^\n panic here\n'''\n\nThe ref of psock become 0 after sock_map_close() executed.\n'''\nvoid sock_map_close()\n{\n ...\n if (likely(psock)) {\n ...\n // !! here we remove psock and the ref of psock become 0\n sock_map_remove_links(sk, psock)\n psock = sk_psock_get(sk);\n if (unlikely(!psock))\n goto no_psock; <=== Control jumps here via goto\n ...\n cancel_delayed_work_sync(&psock->work); <=== not executed\n sk_psock_put(sk, psock);\n ...\n}\n'''\n\nBased on the fact that we already wait for the workqueue to finish in\nsock_map_close() if psock is held, we simply increase the psock\nreference count to avoid race conditions.\n\nWith this patch, if the backlog thread is running, sock_map_close() will\nwait for the backlog thread to complete and cancel all pending work.\n\nIf no backlog running, any pending work that hasn't started by then will\nfail when invoked by sk_psock_get(), as the psock reference count have\nbeen zeroed, and sk_psock_drop() will cancel all jobs via\ncancel_delayed_work_sync().\n\nIn summary, we require synchronization to coordinate the backlog thread\nand close() thread.\n\nThe panic I catched:\n'''\nWorkqueue: events sk_psock_backlog\nRIP: 0010:sock_sendmsg+0x21d/0x440\nRAX: 0000000000000000 RBX: ffffc9000521fad8 RCX: 0000000000000001\n...\nCall Trace:\n \n ? die_addr+0x40/0xa0\n ? exc_general_protection+0x14c/0x230\n ? asm_exc_general_protection+0x26/0x30\n ? sock_sendmsg+0x21d/0x440\n ? sock_sendmsg+0x3e0/0x440\n ? __pfx_sock_sendmsg+0x10/0x10\n __skb_send_sock+0x543/0xb70\n sk_psock_backlog+0x247/0xb80\n...\n'''", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38154" }, { "cve":"CVE-2025-38250", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev->dev->driver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet's run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev->destruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38250" }, { "cve":"CVE-2025-38480", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix use of uninitialized data in insn_rw_emulate_bits()\n\nFor Comedi `INSN_READ` and `INSN_WRITE` instructions on \"digital\"\nsubdevices (subdevice types `COMEDI_SUBD_DI`, `COMEDI_SUBD_DO`, and\n`COMEDI_SUBD_DIO`), it is common for the subdevice driver not to have\n`insn_read` and `insn_write` handler functions, but to have an\n`insn_bits` handler function for handling Comedi `INSN_BITS`\ninstructions. In that case, the subdevice's `insn_read` and/or\n`insn_write` function handler pointers are set to point to the\n`insn_rw_emulate_bits()` function by `__comedi_device_postconfig()`.\n\nFor `INSN_WRITE`, `insn_rw_emulate_bits()` currently assumes that the\nsupplied `data[0]` value is a valid copy from user memory. It will at\nleast exist because `do_insnlist_ioctl()` and `do_insn_ioctl()` in\n\"comedi_fops.c\" ensure at lease `MIN_SAMPLES` (16) elements are\nallocated. However, if `insn->n` is 0 (which is allowable for\n`INSN_READ` and `INSN_WRITE` instructions, then `data[0]` may contain\nuninitialized data, and certainly contains invalid data, possibly from a\ndifferent instruction in the array of instructions handled by\n`do_insnlist_ioctl()`. This will result in an incorrect value being\nwritten to the digital output channel (or to the digital input/output\nchannel if configured as an output), and may be reflected in the\ninternal saved state of the channel.\n\nFix it by returning 0 early if `insn->n` is 0, before reaching the code\nthat accesses `data[0]`. Previously, the function always returned 1 on\nsuccess, but it is supposed to be the number of data samples actually\nread or written up to `insn->n`, which is 0 in this case.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-38480" }, { "cve":"CVE-2025-38556", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn't reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38556" }, { "cve":"CVE-2025-38572", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb->transport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38572" }, { "cve":"CVE-2025-38574", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.6, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-38574" }, { "cve":"CVE-2025-38618", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38618" }, { "cve":"CVE-2025-38676", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38676" }, { "cve":"CVE-2025-38728", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix for slab out of bounds on mount to ksmbd\n\nWith KASAN enabled, it is possible to get a slab out of bounds\nduring mount to ksmbd due to missing check in parse_server_interfaces()\n(see below):\n\n BUG: KASAN: slab-out-of-bounds in\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n Read of size 4 at addr ffff8881433dba98 by task mount/9827\n\n CPU: 5 UID: 0 PID: 9827 Comm: mount Tainted: G\n OE 6.16.0-rc2-kasan #2 PREEMPT(voluntary)\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: Dell Inc. Precision Tower 3620/0MWYPT,\n BIOS 2.13.1 06/14/2019\n Call Trace:\n \n dump_stack_lvl+0x9f/0xf0\n print_report+0xd1/0x670\n __virt_addr_valid+0x22c/0x430\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? kasan_complete_mode_report_info+0x2a/0x1f0\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n kasan_report+0xd6/0x110\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n __asan_report_load_n_noabort+0x13/0x20\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? __pfx_parse_server_interfaces+0x10/0x10 [cifs]\n ? trace_hardirqs_on+0x51/0x60\n SMB3_request_interfaces+0x1ad/0x3f0 [cifs]\n ? __pfx_SMB3_request_interfaces+0x10/0x10 [cifs]\n ? SMB2_tcon+0x23c/0x15d0 [cifs]\n smb3_qfs_tcon+0x173/0x2b0 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n cifs_mount_get_tcon+0x369/0xb90 [cifs]\n ? dfs_cache_find+0xe7/0x150 [cifs]\n dfs_mount_share+0x985/0x2970 [cifs]\n ? check_path.constprop.0+0x28/0x50\n ? save_trace+0x54/0x370\n ? __pfx_dfs_mount_share+0x10/0x10 [cifs]\n ? __lock_acquire+0xb82/0x2ba0\n ? __kasan_check_write+0x18/0x20\n cifs_mount+0xbc/0x9e0 [cifs]\n ? __pfx_cifs_mount+0x10/0x10 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_setup_cifs_sb+0x29d/0x810 [cifs]\n cifs_smb3_do_mount+0x263/0x1990 [cifs]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38728" }, { "cve":"CVE-2025-39676", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Prevent a potential error pointer dereference\n\nThe qla4xxx_get_ep_fwdb() function is supposed to return NULL on error,\nbut qla4xxx_ep_connect() returns error pointers. Propagating the error\npointers will lead to an Oops in the caller, so change the error pointers\nto NULL.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-39676" }, { "cve":"CVE-2025-39702", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39702" }, { "cve":"CVE-2025-39744", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix rcu_read_unlock() deadloop due to IRQ work\n\nDuring rcu_read_unlock_special(), if this happens during irq_exit(), we\ncan lockup if an IPI is issued. This is because the IPI itself triggers\nthe irq_exit() path causing a recursive lock up.\n\nThis is precisely what Xiongfeng found when invoking a BPF program on\nthe trace_tick_stop() tracepoint As shown in the trace below. Fix by\nmanaging the irq_work state correctly.\n\nirq_exit()\n __irq_exit_rcu()\n /* in_hardirq() returns false after this */\n preempt_count_sub(HARDIRQ_OFFSET)\n tick_irq_exit()\n tick_nohz_irq_exit()\n\t tick_nohz_stop_sched_tick()\n\t trace_tick_stop() /* a bpf prog is hooked on this trace point */\n\t\t __bpf_trace_tick_stop()\n\t\t bpf_trace_run2()\n\t\t\t rcu_read_unlock_special()\n /* will send a IPI to itself */\n\t\t\t irq_work_queue_on(&rdp->defer_qs_iw, rdp->cpu);\n\nA simple reproducer can also be obtained by doing the following in\ntick_irq_exit(). It will hang on boot without the patch:\n\n static inline void tick_irq_exit(void)\n {\n +\trcu_read_lock();\n +\tWRITE_ONCE(current->rcu_read_unlock_special.b.need_qs, true);\n +\trcu_read_unlock();\n +\n\n[neeraj: Apply Frederic's suggested fix for PREEMPT_RT]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39744" }, { "cve":"CVE-2025-39749", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect ->defer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won't happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure's ->defer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [<0000000000000000>] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe ->defer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the ->defer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39749" }, { "cve":"CVE-2025-39797", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39797" }, { "cve":"CVE-2025-39828", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().\n\nsyzbot reported the splat below. [0]\n\nWhen atmtcp_v_open() or atmtcp_v_close() is called via connect()\nor close(), atmtcp_send_control() is called to send an in-kernel\nspecial message.\n\nThe message has ATMTCP_HDR_MAGIC in atmtcp_control.hdr.length.\nAlso, a pointer of struct atm_vcc is set to atmtcp_control.vcc.\n\nThe notable thing is struct atmtcp_control is uAPI but has a\nspace for an in-kernel pointer.\n\n struct atmtcp_control {\n \tstruct atmtcp_hdr hdr;\t/* must be first */\n ...\n \tatm_kptr_t vcc;\t\t/* both directions */\n ...\n } __ATM_API_ALIGN;\n\n typedef struct { unsigned char _[8]; } __ATM_API_ALIGN atm_kptr_t;\n\nThe special message is processed in atmtcp_recv_control() called\nfrom atmtcp_c_send().\n\natmtcp_c_send() is vcc->dev->ops->send() and called from 2 paths:\n\n 1. .ndo_start_xmit() (vcc->send() == atm_send_aal0())\n 2. vcc_sendmsg()\n\nThe problem is sendmsg() does not validate the message length and\nuserspace can abuse atmtcp_recv_control() to overwrite any kptr\nby atmtcp_control.\n\nLet's add a new ->pre_send() hook to validate messages from sendmsg().\n\n[0]:\nOops: general protection fault, probably for non-canonical address 0xdffffc00200000ab: 0000 [#1] SMP KASAN PTI\nKASAN: probably user-memory-access in range [0x0000000100000558-0x000000010000055f]\nCPU: 0 UID: 0 PID: 5865 Comm: syz-executor331 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:atmtcp_recv_control drivers/atm/atmtcp.c:93 [inline]\nRIP: 0010:atmtcp_c_send+0x1da/0x950 drivers/atm/atmtcp.c:297\nCode: 4d 8d 75 1a 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 15 06 00 00 41 0f b7 1e 4d 8d b7 60 05 00 00 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 13 06 00 00 66 41 89 1e 4d 8d 75 1c 4c\nRSP: 0018:ffffc90003f5f810 EFLAGS: 00010203\nRAX: 00000000200000ab RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802a510000 RSI: 00000000ffffffff RDI: ffff888030a6068c\nRBP: ffff88802699fb40 R08: ffff888030a606eb R09: 1ffff1100614c0dd\nR10: dffffc0000000000 R11: ffffffff8718fc40 R12: dffffc0000000000\nR13: ffff888030a60680 R14: 000000010000055f R15: 00000000ffffffff\nFS: 00007f8d7e9236c0(0000) GS:ffff888125c1c000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000045ad50 CR3: 0000000075bde000 CR4: 00000000003526f0\nCall Trace:\n \n vcc_sendmsg+0xa10/0xc60 net/atm/common.c:645\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n ____sys_sendmsg+0x505/0x830 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f8d7e96a4a9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f8d7e923198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f8d7e9f4308 RCX: 00007f8d7e96a4a9\nRDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005\nRBP: 00007f8d7e9f4300 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f8d7e9c10ac\nR13: 00007f8d7e9231a0 R14: 0000200000000200 R15: 0000200000000250\n \nModules linked in:", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39828" }, { "cve":"CVE-2025-39853", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix potential invalid access when MAC list is empty\n\nlist_first_entry() never returns NULL - if the list is empty, it still\nreturns a pointer to an invalid object, leading to potential invalid\nmemory access when dereferenced.\n\nFix this by using list_first_entry_or_null instead of list_first_entry.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39853" }, { "cve":"CVE-2025-39860", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) <-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- last refcnt\n bt_accept_unlink(sk) <-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet's call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-39860" }, { "cve":"CVE-2025-39913", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n 2. Attach the prog to a SOCKMAP\n 3. Add a socket to the SOCKMAP\n 4. Activate fault injection\n 5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock->cork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk->sk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet's call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock->cork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock->cork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS: 00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39913" }, { "cve":"CVE-2025-39945", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncnic: Fix use-after-free bugs in cnic_delete_task\n\nThe original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),\nwhich does not guarantee that the delayed work item 'delete_task' has\nfully completed if it was already running. Additionally, the delayed work\nitem is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only\nblocks and waits for work items that were already queued to the\nworkqueue prior to its invocation. Any work items submitted after\nflush_workqueue() is called are not included in the set of tasks that the\nflush operation awaits. This means that after the cyclic work items have\nfinished executing, a delayed work item may still exist in the workqueue.\nThis leads to use-after-free scenarios where the cnic_dev is deallocated\nby cnic_free_dev(), while delete_task remains active and attempt to\ndereference cnic_dev in cnic_delete_task().\n\nA typical race condition is illustrated below:\n\nCPU 0 (cleanup) | CPU 1 (delayed work callback)\ncnic_netdev_event() |\n cnic_stop_hw() | cnic_delete_task()\n cnic_cm_stop_bnx2x_hw() | ...\n cancel_delayed_work() | /* the queue_delayed_work()\n flush_workqueue() | executes after flush_workqueue()*/\n | queue_delayed_work()\n cnic_free_dev(dev)//free | cnic_delete_task() //new instance\n | dev = cp->dev; //use\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the cyclic delayed work item is properly canceled and that any\nongoing execution of the work item completes before the cnic_dev is\ndeallocated. Furthermore, since cancel_delayed_work_sync() uses\n__flush_work(work, true) to synchronously wait for any currently\nexecuting instance of the work item to finish, the flush_workqueue()\nbecomes redundant and should be removed.\n\nThis bug was identified through static analysis. To reproduce the issue\nand validate the fix, I simulated the cnic PCI device in QEMU and\nintroduced intentional delays — such as inserting calls to ssleep()\nwithin the cnic_delete_task() function — to increase the likelihood\nof triggering the bug.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.8, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-39945" }, { "cve":"CVE-2025-40018", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: Defer ip_vs_ftp unregister during netns cleanup\n\nOn the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp\nbefore connections with valid cp->app pointers are flushed, leading to a\nuse-after-free.\n\nFix this by introducing a global `exiting_module` flag, set to true in\nip_vs_ftp_exit() before unregistering the pernet subsystem. In\n__ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns\ncleanup (when exiting_module is false) and defer it to\n__ip_vs_cleanup_batch(), which unregisters all apps after all connections\nare flushed. If called during module exit, unregister ip_vs_ftp\nimmediately.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.6, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40018" }, { "cve":"CVE-2025-40105", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don't leak disconnected dentries on umount\n\nWhen user calls open_by_handle_at() on some inode that is not cached, we\nwill create disconnected dentry for it. If such dentry is a directory,\nexportfs_decode_fh_raw() will then try to connect this dentry to the\ndentry tree through reconnect_path(). It may happen for various reasons\n(such as corrupted fs or race with rename) that the call to\nlookup_one_unlocked() in reconnect_one() will fail to find the dentry we\nare trying to reconnect and instead create a new dentry under the\nparent. Now this dentry will not be marked as disconnected although the\nparent still may well be disconnected (at least in case this\ninconsistency happened because the fs is corrupted and .. doesn't point\nto the real parent directory). This creates inconsistency in\ndisconnected flags but AFAICS it was mostly harmless. At least until\ncommit f1ee616214cb (\"VFS: don't keep disconnected dentries on d_anon\")\nwhich removed adding of most disconnected dentries to sb->s_anon list.\nThus after this commit cleanup of disconnected dentries implicitely\nrelies on the fact that dput() will immediately reclaim such dentries.\nHowever when some leaf dentry isn't marked as disconnected, as in the\nscenario described above, the reclaim doesn't happen and the dentries\nare \"leaked\". Memory reclaim can eventually reclaim them but otherwise\nthey stay in memory and if umount comes first, we hit infamous \"Busy\ninodes after unmount\" bug. Make sure all dentries created under a\ndisconnected parent are marked as disconnected as well.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40105" }, { "cve":"CVE-2025-40215", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete x->tunnel as we delete x\n\nThe ipcomp fallback tunnels currently get deleted (from the various\nlists and hashtables) as the last user state that needed that fallback\nis destroyed (not deleted). If a reference to that user state still\nexists, the fallback state will remain on the hashtables/lists,\ntriggering the WARN in xfrm_state_fini. Because of those remaining\nreferences, the fix in commit f75a2804da39 (\"xfrm: destroy xfrm_state\nsynchronously on net exit path\") is not complete.\n\nWe recently fixed one such situation in TCP due to defered freeing of\nskbs (commit 9b6412e6979f (\"tcp: drop secpath at the same time as we\ncurrently drop dst\")). This can also happen due to IP reassembly: skbs\nwith a secpath remain on the reassembly queue until netns\ndestruction. If we can't guarantee that the queues are flushed by the\ntime xfrm_state_fini runs, there may still be references to a (user)\nxfrm_state, preventing the timely deletion of the corresponding\nfallback state.\n\nInstead of chasing each instance of skbs holding a secpath one by one,\nthis patch fixes the issue directly within xfrm, by deleting the\nfallback state as soon as the last user state depending on it has been\ndeleted. Destruction will still happen when the final reference is\ndropped.\n\nA separate lockdep class for the fallback state is required since\nwe're going to lock x->tunnel while x is locked.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40215" }, { "cve":"CVE-2025-40271", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: fix uaf in proc_readdir_de()\n\nPde is erased from subdir rbtree through rb_erase(), but not set the node\nto EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()\nset the erased node to EMPTY, then pde_subdir_next() will return NULL to\navoid uaf access.\n\nWe found an uaf issue while using stress-ng testing, need to run testcase\ngetdent and tun in the same time. The steps of the issue is as follows:\n\n1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current\n pde is tun3;\n\n2) in the [time windows] unregister netdevice tun3 and tun2, and erase\n them from rbtree. erase tun3 first, and then erase tun2. the\n pde(tun2) will be released to slab;\n\n3) continue to getdent process, then pde_subdir_next() will return\n pde(tun2) which is released, it will case uaf access.\n\nCPU 0 | CPU 1\n-------------------------------------------------------------------------\ntraverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2\nsys_getdents64() |\n iterate_dir() |\n proc_readdir() |\n proc_readdir_de() | snmp6_unregister_dev()\n pde_get(de); | proc_remove()\n read_unlock(&proc_subdir_lock); | remove_proc_subtree()\n | write_lock(&proc_subdir_lock);\n [time window] | rb_erase(&root->subdir_node, &parent->subdir);\n | write_unlock(&proc_subdir_lock);\n read_lock(&proc_subdir_lock); |\n next = pde_subdir_next(de); |\n pde_put(de); |\n de = next; //UAF |\n\nrbtree of dev_snmp6\n |\n pde(tun3)\n / \\\n NULL pde(tun2)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-40271" }, { "cve":"CVE-2025-40280", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_mon_reinit_self().\n\nsyzbot reported use-after-free of tipc_net(net)->monitors[]\nin tipc_mon_reinit_self(). [0]\n\nThe array is protected by RTNL, but tipc_mon_reinit_self()\niterates over it without RTNL.\n\ntipc_mon_reinit_self() is called from tipc_net_finalize(),\nwhich is always under RTNL except for tipc_net_finalize_work().\n\nLet's hold RTNL in tipc_net_finalize_work().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\nBUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\nRead of size 1 at addr ffff88805eae1030 by task kworker/0:7/5989\n\nCPU: 0 UID: 0 PID: 5989 Comm: kworker/0:7 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025\nWorkqueue: events tipc_net_finalize_work\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n __kasan_check_byte+0x2a/0x40 mm/kasan/common.c:568\n kasan_check_byte include/linux/kasan.h:399 [inline]\n lock_acquire+0x8d/0x360 kernel/locking/lockdep.c:5842\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\n rtlock_slowlock kernel/locking/rtmutex.c:1894 [inline]\n rwbase_rtmutex_lock_state kernel/locking/spinlock_rt.c:160 [inline]\n rwbase_write_lock+0xd3/0x7e0 kernel/locking/rwbase_rt.c:244\n rt_write_lock+0x76/0x110 kernel/locking/spinlock_rt.c:243\n write_lock_bh include/linux/rwlock_rt.h:99 [inline]\n tipc_mon_reinit_self+0x79/0x430 net/tipc/monitor.c:718\n tipc_net_finalize+0x115/0x190 net/tipc/net.c:140\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3319\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400\n kthread+0x70e/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x439/0x7d0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \n\nAllocated by task 6089:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x1a8/0x320 mm/slub.c:4407\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n tipc_mon_create+0xc3/0x4d0 net/tipc/monitor.c:657\n tipc_enable_bearer net/tipc/bearer.c:357 [inline]\n __tipc_nl_bearer_enable+0xe16/0x13f0 net/tipc/bearer.c:1047\n __tipc_nl_compat_doit net/tipc/netlink_compat.c:371 [inline]\n tipc_nl_compat_doit+0x3bc/0x5f0 net/tipc/netlink_compat.c:393\n tipc_nl_compat_handle net/tipc/netlink_compat.c:-1 [inline]\n tipc_nl_compat_recv+0x83c/0xbe0 net/tipc/netlink_compat.c:1321\n genl_family_rcv_msg_doit+0x215/0x300 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x60e/0x790 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x846/0xa10 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x21c/0x270 net/socket.c:729\n ____sys_sendmsg+0x508/0x820 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x1a1/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40280" }, { "cve":"CVE-2025-40342", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: use lock accessing port_state and rport state\n\nnvme_fc_unregister_remote removes the remote port on a lport object at\nany point in time when there is no active association. This races with\nwith the reconnect logic, because nvme_fc_create_association is not\ntaking a lock to check the port_state and atomically increase the\nactive count on the rport.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40342" }, { "cve":"CVE-2025-40346", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\narch_topology: Fix incorrect error check in topology_parse_cpu_capacity()\n\nFix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity()\nwhich causes the code to proceed with NULL clock pointers. The current\nlogic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both\nvalid pointers and NULL, leading to potential NULL pointer dereference\nin clk_get_rate().\n\nPer include/linux/err.h documentation, PTR_ERR_OR_ZERO(ptr) returns:\n\"The error code within @ptr if it is an error pointer; 0 otherwise.\"\n\nThis means PTR_ERR_OR_ZERO() returns 0 for both valid pointers AND NULL\npointers. Therefore !PTR_ERR_OR_ZERO(cpu_clk) evaluates to true (proceed)\nwhen cpu_clk is either valid or NULL, causing clk_get_rate(NULL) to be\ncalled when of_clk_get() returns NULL.\n\nReplace with !IS_ERR_OR_NULL(cpu_clk) which only proceeds for valid\npointers, preventing potential NULL pointer dereference in clk_get_rate().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40346" }, { "cve":"CVE-2025-68192", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup\n\nRaw IP packets have no MAC header, leaving skb->mac_header uninitialized.\nThis can trigger kernel panics on ARM64 when xfrm or other subsystems\naccess the offset due to strict alignment checks.\n\nInitialize the MAC header to prevent such crashes.\n\nThis can trigger kernel panics on ARM when running IPsec over the\nqmimux0 interface.\n\nExample trace:\n\n Internal error: Oops: 000000009600004f [#1] SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.34-gbe78e49cb433 #1\n Hardware name: LS1028A RDB Board (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : xfrm_input+0xde8/0x1318\n lr : xfrm_input+0x61c/0x1318\n sp : ffff800080003b20\n Call trace:\n xfrm_input+0xde8/0x1318\n xfrm6_rcv+0x38/0x44\n xfrm6_esp_rcv+0x48/0xa8\n ip6_protocol_deliver_rcu+0x94/0x4b0\n ip6_input_finish+0x44/0x70\n ip6_input+0x44/0xc0\n ipv6_rcv+0x6c/0x114\n __netif_receive_skb_one_core+0x5c/0x8c\n __netif_receive_skb+0x18/0x60\n process_backlog+0x78/0x17c\n __napi_poll+0x38/0x180\n net_rx_action+0x168/0x2f0", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-68192" }, { "cve":"CVE-2025-68285", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\n\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\n\n kfree(monc->monmap);\n monc->monmap = monmap;\n\n ceph_osdmap_destroy(osdc->osdmap);\n osdc->osdmap = newmap;\n\nunder client->monc.mutex and client->osdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it's possible for\nclient->monc.monmap->epoch and client->osdc.osdmap->epoch arms in\n\n client->monc.monmap && client->monc.monmap->epoch &&\n client->osdc.osdmap && client->osdc.osdmap->epoch;\n\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\n\n BUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\n Read of size 4 at addr ffff88811012d810 by task mount.ceph/13305\n CPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n ...\n Call Trace:\n \n have_mon_and_osd_map+0x56/0x70\n ceph_open_session+0x182/0x290\n ceph_get_tree+0x333/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n\n Allocated by task 13305:\n ceph_osdmap_alloc+0x16/0x130\n ceph_osdc_init+0x27a/0x4c0\n ceph_create_client+0x153/0x190\n create_fs_client+0x50/0x2a0\n ceph_get_tree+0xff/0x680\n vfs_get_tree+0x49/0x180\n do_new_mount+0x1a3/0x2d0\n path_mount+0x6dd/0x730\n do_mount+0x99/0xe0\n __do_sys_mount+0x141/0x180\n do_syscall_64+0x9f/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 9475:\n kfree+0x212/0x290\n handle_one_map+0x23c/0x3b0\n ceph_osdc_handle_map+0x3c9/0x590\n mon_dispatch+0x655/0x6f0\n ceph_con_process_message+0xc3/0xe0\n ceph_con_v1_try_read+0x614/0x760\n ceph_con_workfn+0x2de/0x650\n process_one_work+0x486/0x7c0\n process_scheduled_works+0x73/0x90\n worker_thread+0x1c8/0x2a0\n kthread+0x2ec/0x300\n ret_from_fork+0x24/0x40\n ret_from_fork_asm+0x1a/0x30\n\nRewrite the wait loop to check the above condition directly with\nclient->monc.mutex and client->osdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client->auth_err under client->monc.mutex to match\nhow it's set in finish_auth().\n\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-68285" }, { "cve":"CVE-2025-68819", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()\n\nrlen value is a user-controlled value, but dtv5100_i2c_msg() does not\ncheck the size of the rlen value. Therefore, if it is set to a value\nlarger than sizeof(st->data), an out-of-bounds vuln occurs for st->data.\n\nTherefore, we need to add proper range checking to prevent this vuln.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-68819" }, { "cve":"CVE-2025-71084", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cm: Fix leaking the multicast GID table reference\n\nIf the CM ID is destroyed while the CM event for multicast creating is\nstill queued the cancel_work_sync() will prevent the work from running\nwhich also prevents destroying the ah_attr. This leaks a refcount and\ntriggers a WARN:\n\n GID entry ref leak for dev syz1 index 2 ref=573\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline]\n WARNING: CPU: 1 PID: 655 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886\n\nDestroy the ah_attr after canceling the work, it is safe to call this\ntwice.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":2.5, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-71084" }, { "cve":"CVE-2025-71091", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix check for port enabled in team_queue_override_port_prio_changed()\n\nThere has been a syzkaller bug reported recently with the following\ntrace:\n\nlist_del corruption, ffff888058bea080->prev is LIST_POISON2 (dead000000000122)\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:59!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nCPU: 3 UID: 0 PID: 21246 Comm: syz.0.2928 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:__list_del_entry_valid_or_report+0x13e/0x200 lib/list_debug.c:59\nCode: 48 c7 c7 e0 71 f0 8b e8 30 08 ef fc 90 0f 0b 48 89 ef e8 a5 02 55 fd 48 89 ea 48 89 de 48 c7 c7 40 72 f0 8b e8 13 08 ef fc 90 <0f> 0b 48 89 ef e8 88 02 55 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d49f370 EFLAGS: 00010286\nRAX: 000000000000004e RBX: ffff888058bea080 RCX: ffffc9002817d000\nRDX: 0000000000000000 RSI: ffffffff819becc6 RDI: 0000000000000005\nRBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000080000000 R11: 0000000000000001 R12: ffff888039e9c230\nR13: ffff888058bea088 R14: ffff888058bea080 R15: ffff888055461480\nFS: 00007fbbcfe6f6c0(0000) GS:ffff8880d6d0a000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000110c3afcb0 CR3: 00000000382c7000 CR4: 0000000000352ef0\nCall Trace:\n \n __list_del_entry_valid include/linux/list.h:132 [inline]\n __list_del_entry include/linux/list.h:223 [inline]\n list_del_rcu include/linux/rculist.h:178 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:826 [inline]\n __team_queue_override_port_del drivers/net/team/team_core.c:821 [inline]\n team_queue_override_port_prio_changed drivers/net/team/team_core.c:883 [inline]\n team_priority_option_set+0x171/0x2f0 drivers/net/team/team_core.c:1534\n team_option_set drivers/net/team/team_core.c:376 [inline]\n team_nl_options_set_doit+0x8ae/0xe60 drivers/net/team/team_core.c:2653\n genl_family_rcv_msg_doit+0x209/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x55c/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x158/0x420 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x8c8/0xdd0 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa98/0xc70 net/socket.c:2630\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2684\n __sys_sendmsg+0x16d/0x220 net/socket.c:2716\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe problem is in this flow:\n1) Port is enabled, queue_id != 0, in qom_list\n2) Port gets disabled\n -> team_port_disable()\n -> team_queue_override_port_del()\n -> del (removed from list)\n3) Port is disabled, queue_id != 0, not in any list\n4) Priority changes\n -> team_queue_override_port_prio_changed()\n -> checks: port disabled && queue_id != 0\n -> calls del - hits the BUG as it is removed already\n\nTo fix this, change the check in team_queue_override_port_prio_changed()\nso it returns early if port is not enabled.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-71091" }, { "cve":"CVE-2025-71120", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token->pages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token->pages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length > 0.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-71120" }, { "cve":"CVE-2026-22998", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec\n\nCommit efa56305908b (\"nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\")\nadded ttag bounds checking and data_offset\nvalidation in nvmet_tcp_handle_h2c_data_pdu(), but it did not validate\nwhether the command's data structures (cmd->req.sg and cmd->iov) have\nbeen properly initialized before processing H2C_DATA PDUs.\n\nThe nvmet_tcp_build_pdu_iovec() function dereferences these pointers\nwithout NULL checks. This can be triggered by sending H2C_DATA PDU\nimmediately after the ICREQ/ICRESP handshake, before\nsending a CONNECT command or NVMe write command.\n\nAttack vectors that trigger NULL pointer dereferences:\n1. H2C_DATA PDU sent before CONNECT → both pointers NULL\n2. H2C_DATA PDU for READ command → cmd->req.sg allocated, cmd->iov NULL\n3. H2C_DATA PDU for uninitialized command slot → both pointers NULL\n\nThe fix validates both cmd->req.sg and cmd->iov before calling\nnvmet_tcp_build_pdu_iovec(). Both checks are required because:\n- Uninitialized commands: both NULL\n- READ commands: cmd->req.sg allocated, cmd->iov NULL\n- WRITE commands: both allocated", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.4, "vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2026-22998" }, { "cve":"CVE-2026-23038", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()\n\nIn nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails,\nthe function jumps to the out_scratch label without freeing the already\nallocated dsaddrs list, leading to a memory leak.\n\nFix this by jumping to the out_err_drain_dsaddrs label, which properly\nfrees the dsaddrs list before cleaning up other resources.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1341" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-301.0.0.204.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-301.0.0.204.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2026-23038" } ] }