OESA-2023-1084

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1084
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1084.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1084
Upstream
Published
2023-02-17T11:04:53Z
Modified
2025-08-12T05:14:34.118697Z
Summary
kernel security update
Details

The Linux Kernel, the operating system core itself.

Security Fix(es):

A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguest_page function. This issue could allow a local user to crash the system.(CVE-2022-3707)

A NULL pointer dereference flaw was found in rawv6pushpending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.(CVE-2023-0394)

A use-after-free flaw was found in qdiscgraft in net/sched/schapi.c in the Linux Kernel due to a race problem leading to a denial-of-service problem.

Reference: https://lore.kernel.org/all/20221018203258.2793282-1-edumazet@google.com/

Crash: BUG: KASAN: use-after-free in _tcfqdiscfind.part.0+0xa3a/0xac0 net/sched/clsapi.c:1066 Read of size 4 at addr ffff88802065e038 by task syz-executor.4/21027

CPU: 0 PID: 21027 Comm: syz-executor.4 Not tainted 6.0.0-rc3-syzkaller-00363-g7726d4c3e60b #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_address_description mm/kasan/report.c:317 [inline]
print_report.cold+0x2ba/0x719 mm/kasan/report.c:433
kasan_report+0xb1/0x1e0 mm/kasan/report.c:495
__tcf_qdisc_find.part.0+0xa3a/0xac0 net/sched/cls_api.c:1066
__tcf_qdisc_find net/sched/cls_api.c:1051 [inline]
tc_new_tfilter+0x34f/0x2200 net/sched/cls_api.c:2018
rtnetlink_rcv_msg+0x955/0xca0 net/core/rtnetlink.c:6081
netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501
netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
netlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345
netlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921
sock_sendmsg_nosec net/socket.c:714 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:734
____sys_sendmsg+0x6eb/0x810 net/socket.c:2482
___sys_sendmsg+0x110/0x1b0 net/socket.c:2536
__sys_sendmsg+0xf3/0x1c0 net/socket.c:2565
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f5efaa89279(CVE-2023-0590)
Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.0-60.80.0.104.oe2203

Ecosystem specific 

{
    "aarch64": [
        "kernel-headers-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "perf-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.80.0.104.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.80.0.104.oe2203.aarch64.rpm"
    ],
    "x86_64": [
        "perf-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.80.0.104.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.80.0.104.oe2203.x86_64.rpm"
    ],
    "src": [
        "kernel-5.10.0-60.80.0.104.oe2203.src.rpm"
    ]
}